REGIONAL ENTITY TRUSTEES MEETING OCTOBER 24, 2016 SPP ... trustee... · focused on CIP-002-5.1,...

Relationship-Based • Member-Driven • Independence Through Diversity Evolutionary vs. Revolutionary • Reliability & Economics Inseparable

REGIONAL ENTITY TRUSTEES MEETING

OCTOBER 24, 2016

SPP Corporate Center Little Rock, Arkansas

A G E N D A

8:00 a.m. – 3:00 p.m.

1. Call to Order/Introductions ............................................................................. Dave Christiano

2. Antitrust Guidelines ........................................................................................ Dave Christiano

3. Approval of Meeting Minutes – July 25, 2016 ................................................ Dave Christiano

4. Winter Reliability Assessment Overview .......................................................... Lanny Nickell Action Item: Endorse the report

5. NERC Compliance and Certification Committee ................................. Jennifer Flandermeyer

6. SPP RE Risk Assessment ....................................................................................... Ron Ciesiel Action Item: Endorse Risk Assessment

7. SPP RE 2016 Trustee Self-Assessment ........................................................... Dave Christiano Action Item: Approve for submission to SPP, Inc. Corporate Governance Committee

8. 2016 Stakeholder Satisfaction Survey Results ....................................................... Ron Ciesiel

9. 2017 Implementation Plan .................................................................................... Jim Williams

10. CIP Update ............................................................................................................. Kevin Perry

11. 3 Q Event Analysis ..........................................................................................Alan Wahlstrom

12. Enforcement Report ............................................................................................... Joe Gertsch

13. General Manager’s Report/Compliance Report ..................................................... Ron Ciesiel

14. SPP RE Third Quarter Financial Report ....................................................................... Ron Ciesiel

15. Staff Goals and Metrics .................................................................................................. Ron Ciesiel

16. Outreach Activity ......................................................................................................... Emily Pennel


17. NERC COMMITTEE REPORTS – Comments or Questions a. Planning Committee ..................................................................... Noman Williams b. NERC Operating Committee Report .............................................. Jim Useldinger c. System Protection and Control ....................................................................... Open d. Critical Infrastructure Protection Committee .......................................... Eric Ervin

18. Existing and New Action Items .......................................................................... Emily Pennel

19. Future Meetings .............................................................................................. Dave Christiano

January 30, 2017- Dallas, TX

April 24, 2017- Tulsa, OK

July 24, 2017 - Denver

Oct. 30, 2017 - Little Rock

https://www.spp.org/events/calendar/re-trustees-meeting-2017-01-30/

https://www.spp.org/events/calendar/regional-entity-trustees-meeting-2017-04-24/

Relationship-Based • Member-Driven • Independence Through Diversity

Evolutionary vs. Revolutionary • Reliability & Economics Inseparable

11

SPP Regional Entity Antitrust Guidelines

It is SPP RE’s policy and practice to obey the antitrust laws and to avoid all conduct that unreasonably restrains competition. This policy requires the avoidance of any conduct that violates, or which might appear to violate, the antitrust laws. Among other things, the antitrust laws forbid any agreement between or among competitors regarding prices, availability of service, product design, terms of sale, division of markets, allocation of customers or any other activity that unreasonably restrains competition.


Southwest Power Pool

REGIONAL ENTITY TRUSTEES MEETING July 25, 2016

Rushmore Plaza Holiday Inn

Rapid City, South Dakota A G E N D A

7:30 a.m. – 12:00 p.m. MST

1. Call to Order/Introductions ......................................................................... Dave Christiano Chairman Christiano called the meeting to order at 7:30 a.m. He welcomed FERC representative Darrell Piatt and SPP Board members Bruce Scherr and Josh Martin.

2. Antitrust Guidelines ..................................................................................... Dave Christiano Attendees reviewed the guidelines.

3. Approval of Meeting Minutes – June 13, 2016 .......................................... Dave Christiano The Trustees approved the minutes with no changes.

4. New SPP RE Trustees.................................................................................. Dave Christiano Chairman Christiano introduced the soon-to-be elected SPP RE Trustees, Mark Maher and Steve Whitley. Mr. Maher retired from WECC as CEO; he spent 20 years at Bonneville Power and worked at several other utilities in both generation and transmission. Mr. Whitley started his career at TVA as a planner for 15 years, then moved to operations for 15 years. He retired as CEO of New York ISO. Both looking forward to serving SPP RE.

5. Long Term Reliability Assessment ................................................................ Lanny Nickell This is SPP’s first LTRA that includes the Integrated System. An annual load growth of 1% is projected over the next 10 years. While load isn’t changing very much, our resource mix is changing. The Capacity Margin Task Force approved a reduction of SPP’s Planning Reserve Margin (PRM) requirement from 13.6% to 12.0% on 2/16/16. The SPP Board of Directors approved this change. The new PRM requirement is expected to be effective 6/1/17. SPP’s robust transmission expansion is allowing us to reduce reserve margins and utilize diverse generation. We are expecting almost 1,600 miles of new 100+ KV to be constructed in the next 10 years. Early in 2016, the SPP Assessment Area saw nearly 50% of SPP’s load being served by wind generation at certain points, setting wind penetration records. We continue to include our members’ renewable portfolio standards in planning models. In 2016 we kicked off a Variable Generation Integration Study to look at high penetration circumstances. We expect we will eventually reach a point at which SPP can no longer reliably utilize all of the wind generation for SPP’s own internal demand needs, even with additional transmission infrastructure. We are expecting a reserve margin deficiency beginning in 2023, based on known and committed resources. However, the 10-year period will have enough reserves considering anticipated generation. The forecasted anticipated reserve margin is expected to be ~12 in 2026. SPP has created a new Supply Adequacy Working Group and is working on a Resource Adequacy


Workbook. Energy efficiency is growing, from 396 MW in 2017 to ~1,362 MW in 2026. We are expecting ~3400 MW of confirmed nameplate generation to be retired over next 10 years, primarily natural gas. The uncertainty of potential policy changes related to generation retirements is an emerging reliability issue. The SPP RE Trustees unanimously accepted the LTRA for submission to NERC, and asked to be notified if there are any substantive changes.

6. 2Q Events Report and Facility Ratings Alert Update ............................... Alan Wahlstrom Five events occurred in the SPP region during second quarter of 2016. All events were in lowest assignable risk category; two events met the threshold to be considered in the NERC Events Analysis program. One event was category 1a. Loss of three or more elements and one event was category 1h. Partial loss of monitoring and control. Mr. Wahlstrom reviewed recent NERC Lessons Learned. Mr. Ciesiel noted that two-thirds of NERC reportable events are EMS-related issues. Trustee Burrows asked if industry is reading the Lessons Learned. NERC does workshops in which they discuss Lessons Learned, and NERC has shared this information at SPP RE’s workshops. Reliability Compliance Working Group Chair Jennifer Flandermeyer noted that a number of Registered Entities have formal programs for reviewing Lessons Learned, and the Regional Compliance Working Group and Events Analysis Working Group discuss them. The SPP RTO Training Group shares information from operational Lessons Learned at their stakeholder operator trainings. NERC’s AC Substation Equipment Task Force recommended the NERC Event Analysis process collect information on station equipment failures going forward. Regarding the Facility Ratings Alert, 100% of high priority line discrepancies are complete, 94.4% of medium priority line discrepancies are complete, and 90.5% of low priority line discrepancies are complete.

7. CIP Update ............................................................................................................ Ron Ciesiel

CIP V5 Revisions (V6) became effective 7/1/16 for High and Medium Impact BES Cyber Systems. So far we have seen a few Self-Reports on the new standards, but it seems to be going well overall. The first CIP audit under the new standards is going on this week. CIP audits will be primarily focused on CIP-002-5.1, CIP-005-5, CIP-006-6, CIP-007-6, and CIP-010-2. Other requirements may be included, depending on past compliance history. All field work for CIP-014-2 audits has to be performed on-site; the standards’ language prohibits removal of any evidence from the Registered Entity’s site. We will resume auditing non-BA, non-TOP Registered Entities with only Low Impact BES Cyber Systems beginning 2Q 2017. We have not heard anything about which Registered Entities FERC will audit.

8. Enforcement Report ............................................................................................ Joe Gertsch

The current caseload is 91 active violations; 43 are Ops & Planning violations and 48 are CIP violations. This year 29 violations have been processed as Compliance Exceptions. There is no requirement for a Registered Entity to submit a Mitigation Plan unless we issue them a Notice of Alleged Violation(s) and Penalty or Sanction. We generally do not send a violation to NERC until mitigating activities are complete.


9. General Manager’s & Compliance Report ......................................................... Ron Ciesiel SPP RE’s goal is to complete an IRA for each SPP RE Registered Entity by the end of 2016. We have completed 35 and submitted the Summary Report to NERC. SPP RE has conducted 4 Internal Control Evaluations, which have removed requirements from review and reduced sample size. There are 187 Multiple Regional Registered Entities (MRRE) participating in the Coordinated Oversight Program. SPP RE is the Lead Region Entity for 5 groups with 15 MRREs. The MRRE program has helped coordinate oversight activities across the ERO. PRC-005 is now back at the top of SPP RE’s most violated standards; most were self-reported and are being mitigated, which is good. The number of CIP violations has dropped dramatically; hopefully this will carry over into the new CIP standards. Incoming violations have continued to drop dramatically since the 2010 peak. The last actionable vegetation management event in our region was in 2010. The misoperations rolling average has had a slight uptick. It takes a long time to “move the needle” on misoperations. NERC is giving greater attention to this issue. Communication failures have resurged as the main cause of misoperations. Monica Evans joined SPP RE as an Administrative Assistant, and Alison Hayes has returned to the SPP RE as an Attorney. Steven Keller transferred to the RTO Compliance Group, and Greg Sorenson is moving into SPP’s Market Monitoring group.

10. Outreach Activity ............................................................................................. Emily Pennel There were 205 in-person/webinar attendees at May CIP workshop. We have posted 14 new videos to the online training library. The agenda has been posted for the Fall Workshop, Sept. 20-21 in Oklahoma City and via webinar.

11. Financial Report/Year-to-Date Financial Statement ..................................... Debbie Currie

The Trustees approved the $10.9M budget in June. There was an assessment increase of $466k or 5.4%. Our total expenses are ~$339k under budget. Open positions drive a large percentage of the actual-to-budget variance. At the end of the second quarter, SPP RE projects to be under budget by $450k.

12. Staff Goals and Metrics ...................................................................................... Ron Ciesiel

Of the 15 staff metrics, we are on track with all but one. We are a bit behind on the mitigation plan acceptance.

13. NERC CIPC Report .................................................................................................. Eric Ervin Mr. Ervin is the SPP CIP Working Group Chair and SPP RE’s representative on the NERC CIP Committee. NERC is offering CIP security workshops before the CIPC meetings; they have been well attended and informative. The CIPC is holding an Energy Sector Classified Briefing in December. The E-ISAC is continuing to improve. The group just published a “how to” guide and is developing user communities and a plan to evaluate the 24/7 watch and notification capability. The E-ISAC is working to develop an automated threat sharing platform that will be very helpful to members. The group is looking at the way the nuclear industry conducts pre-employment background checks to see if the electric sector can adopt some of the same practices. The Physical Security Advisory Group developed the Electricity Sector Design Basis Threat document in February to provide instruction on using a design basis threat for the physical infrastructure of the BES. The group considered potential emerging threat vectors from unmanned aircraft systems and vehicle-borne improvised explosive devices. The Physical Security Subcommittee published a draft of Security Management in the North American


Electricity Sub-Sector on the E-ISAC portal. The guideline provides a framework for comprehensive security protection of the electricity sub-sector in North America.

14. NERC Committee Representative Written Reports - Comments or Questions 14a. Planning Committee Report .................................................................... Noman Williams 14b. Compliance and Certification Committee Report ........................... Jennifer Flandermeyer 14c. NERC Operating Committee Report .......................................................... Jim Usledinger 14d. System Protection and Control Report ..................................................................... Open

15. New Action Items .............................................................................................. Emily Pennel No new lessons learned were captured.

16. Future Meetings ........................................................................................... Dave Christiano

October 24, 2016 – Little Rock January 30, 2017 – Dallas April 24, 2017 – Tulsa July 24, 2017 – Denver Oct. 30, 2017 – Little Rock

SPP 2016/2017 Winter Assessment Overview

1

Assessment Area

2

The Winter Assessment was performed on the SPP Planning Coordinator footprint, which includes the Integrated System (IS)

Winter Planning Reserve Margin

3

• SPP Assessment Area planning reserve margin requirement is 12%

• The forecasted reserve margin is 60% for the 2016-2017 winter season Based on Existing Capacity and Net Firm

Transfers This reserve margin is calculated using a

coincident Net Internal Demand of 40,249 MWs

Demand and Capacity

4

• SPP Assessment Area Total Internal Demand shown below is a non-coincident number based on member demand obtained in the Energy Information Administration (EIA)-411 annual data request

• SPP reported this year, to NERC, a Total Internal Demand of 40,618 MWs and a Net Internal Demand of 40,249 MWs Difference between Total and Net Internal

Demand is 369 MW of Demand Response

• Capacity resources represent Net Capability 64,311 MW Existing Certain Capacity Resources Includes net transactions of -1,537 MW

2016 Reliability Concerns

5

• Operations has no ongoing identified concerns

• Variable resource integration continues to be an active issue SPP set several new wind penetration records during

the first quarter of 2016 SPP is adding two new 70 MW solar farms in 2016

NERC CCC Update

October 24, 2016

Jennifer Flandermeyer

CCC Work Plan Updates

2

• 2016 Work Plan Status– Full 2016 Work Plan and status reporting provided in

background materials

– On target to complete all items as projected and scheduled

• 2017 Work Plan Status– Developed and in review by Committee

– Aligned with completion of Section 215 responsibilities and ERO Strategic Plan

– Presented to NERC EWRC / BOT for approval in February 2017 meetings

Targeted Feedback Sessions - CCC Activities

3

• The CCC will conduct focused feedback sessions twice annually in support of continued ERO success. These will include the following elements:

– Discuss topics related to Risk-Based Compliance Monitoring and Enforcement Programs (CMEP)

– Facilitate a round-table discussions with the CCC as a focus group concept that will allow opportunities to:

offer implementation observations,

suggest solutions to issues encountered by registered entities during implementation, and

identify areas for CCC collaboration.

• Materials associated in published agenda packages are not intended to be a guideline that alters any previously posted or approved ERO materials.

CCC Activities Update

4

• Nominations and SPP Member Company Participation

• Functional Model Comments submission

• Stakeholder Perception Survey

• Procedures Update

• Quality Review Completion

• NERC ORCP and CMEP Audit Update

NERC CCC Meeting Schedule

5

– November 29-30, 2016: Arlington, VA (NRECA offices) with CCC Hearing Training

– March 15-16, 2017: Atlanta, GA

– May 17-18, 2017: Salt Lake City, UT (WECC offices)

– September 13-14, 2017: Atlanta, GA

– November 29-30, 2017: West Palm Beach, FL (FPL offices)

1

SPP RE Risk RegisterOctober 24, 2016

Ron CiesielRE General Manager

ERO Enterprise Inherent Risks15 risks identified and ranked by NERC ERO Enterprise Management Group in April 2016

1. Major event

2. Protection of confidential information

3. IT Systems and security

4. Timeliness and effectiveness of standards

5. Change in law

6. Strategic planning and performance measurement

7. Talent and expertise

8. Objectivity2

ERO Enterprise Inherent Risks15 risks identified and ranked by NERC ERO Enterprise Management Group in April 2016

9. Governance and ethics

10. Project management

11. Enterprise operating model

12. External communications

13. Financial viability

14. Business continuity

15. Canadian and Mexican institutional and regulatory relations

3

ERO Inherent Risk Ranking Criteria used to develop Inherent Risk ranking

4

Ranking Description

4 - HighControls and/or management activities properly designed and operating, with opportunities for improvement identified

3- Medium HighKey controls and/or management activities in place, with significant opportunities for improvement identified

2- Medium Low

Limited controls and/or management activities in place, high level of risk remains or controls have major deficiencies and do not operate as intended

1 – Cannot/Elect Not to Mitigate

Controls and/or management activities are non-existent or cannot be mitigated

Risks tied to ERO Strategic Goals

Goal 1: Standards

Goal 2: Compliance, Monitoring, Enforcement, Registration, and Certification

Goal 3: Risks to Reliability

Goal 4: ERO Enterprise identifies, evaluates, studies, and independently assesses emerging risks to reliability

Goal 5: Coordination and Collaboration

5

Development of Regional Risk Registers

• Each region identifies organization’s internal controls for each risk

• Internal control effectiveness score determined for each risk using ERO ranking criteria

• Residual risk identified and scored (Inherent Risk less Internal Controls)

• Establishes Regional Risk Register

6

SPP RE Regional Risk Register• Internal controls identified and categorized by type of

control:– Detective

– Preventive

– Corrective

• Subset of RE employees asked to rate internal controls– Experienced employees across all functions required by

the Regional Delegation Agreement

• Average score developed for each risk

7

Effectiveness of SPP RE Internal Controls• SPP RE’s Internal Controls effective for reducing 14 out

of 15 risks

• One risk not applicable to SPP RE– Canadian and Mexican regulatory relations

• Results will be used to identify continuous improvement opportunities within SPP RE

• SPP will work with NERC and other regions on ERO-wide improvement opportunities

8

Next Steps

• Regional risk registers submitted to NERC November 15

• NERC will create an ERO-wide risk register– Compilation of NERC and 8 regional risk registers

• ERO-wide risk register is a management tool that will be used by NERC and the Regions in 2017 to assess:– Future priorities

– Resource allocation and activities

9

SPP Organizational Group Self-Evaluation/Assessment (August 2015 – July 2016)

GROUP NAME: SPP Regional Entity Trustees CHARTER/SCOPE UPDATE: Attached Charter/Scope has been reviewed: N/A MEMBER ROSTER/ATTENDANCE PUBLIC:

Member Company Sector #

Present #

Absent Meyer, John RE Trustee, Chairman N/A 2/2 0/2 Burrows, Gerry RE Trustee N/A 6 0 Christiano, Dave RE Trustee N/A 6 0 Pennel, Emily RE Trustee Secretary N/A 5 1

Please list the number of members represented in the following areas:

Trans/Owners Trans/Users Directors N/A N/A N/A

Sectors

IOU Coop Muni State/Fed IPP/Marketer Alt Power/Public Interest Lg Retail Sm Retail N/A N/A N/A N/A N/A N/A N/A N/A

AVERAGE OVERALL ATTENDANCE (INCLUDING NON-GROUP MEMBERS): 33 MEETINGS HELD TO DATE: Face-to-face: 5 Teleconference: 1 AVERAGE LENGTH OF MEETINGS: 4.5 HOURS NUMBER OF VOTES TAKEN: 14 *MEETING COST(S): $55,784.61 MAJOR ACCOMPLISHMENTS/ISSUES ADDRESSED BY THE GROUP:

1. Overall 2015 staff performance goals and metrics achievement was 115% 2. To ensure continuing independence of the SPP RE Trustees, worked with Corporate

Governance Committee to change procedures by which Trustees are nominated/elected and added two new Trustee positions

3. Continued implementing Risk Based Compliance Monitoring and Enforcement Program (CMEP) processes including Inherent Risk Assessments, Internal Control Evaluations, and Self-Logging

4. Implemented compliance monitoring plan for the new CIP V5 standards 5. Continued outreach program of webinars, workshops, newsletters, and videos, including

targeted CIP V5 outreach at stakeholder companies 6. Maintained favorable stakeholder satisfaction score on the SPP RE and NERC annual

surveys 7. Maintained <12 month enforcement caseload

8. Implemented registration changes based on FERC orders re: Distribution Providers and Load Serving Entities

9. Reviewed/accepted three regional reliability assessments 10. Operated RE within approved budget limits

MAJOR PENDING ISSUES BEFORE THE GROUP:

1. Managing intense CIP V5 monitoring schedule in 2017 and possible influx of enforcement issues from the new standards

2. Continuing to focus on monitoring relay misoperations 3. Continuing targeted outreach to improve Registered Entity compliance programs, reduce

enforcement issues, and achieve greater BES reliability 4. Continuing to work with NERC and other Regional Entities to streamline CMEP

processes through tools the Risk-Based CMEP, auditor training/certification, added on-site audit efficiencies, and risk-based audit scope

5. Ensuring Registered Entities have remediated all Facility Ratings Alert discrepancies by the end of 2016

6. Monitoring and managing the diverging SPP RE and RTO footprints

* Meeting costs include hotel expenses (room rental, A/V, food and beverage) and Trustee fees for attendance at quarterly and special meetings.

2 0 1 6 S P P R E S t a k e h o l d e r S a t i s f a c t i o n S u r v e y R e p o r t

Southwest Power Pool Regional Entity Executive Summary

2016 SPP RE Stakeholder Satisfaction Survey Report 2

Table of Contents

Executive Summary .....................................................................................................................................3

Demographics ...............................................................................................................................................5

Interaction with other Regional Entities....................................................................................................6

Operations and Planning Compliance Monitoring ...................................................................................7

Critical Infrastructure Protection (CIP) Compliance Monitoring .........................................................9

Enforcement .................................................................................................................................................11

Event Analysis and Reliability Assessments ..............................................................................................14

Outreach .......................................................................................................................................................15

Electronic Tools ............................................................................................................................................17

Registration and Certification ....................................................................................................................19

Overall Performance 2011-2016 .................................................................................................................20

Qualitative - Dissatisfaction ........................................................................................................................21

Qualitative - Satisfaction .............................................................................................................................22

Qualitative – Exceed Expectations .............................................................................................................23

Southwest Power Pool Regional Entity Quantitative Results


Executive Summary

SPP RE strives to continuously improve its performance of its NERC-delegated functions. Each year SPP RE asks its Registered Entities to provide anonymous input on the organization’s programs and customer service to stakeholders. SPP RE issued the 2016 Stakeholder Satisfaction Survey on September 26, 2016 to the 86 Primary Compliance Contacts who are registered in SPP RE’s compliance database (webCDMS). The survey had a 64% response rate. Of the 55 respondents, 7 opted out of the survey. Respondents were asked to assess seven SPP RE programs on their importance, how well they meet expectations, and customer service/responsiveness. Stakeholders were also asked to assess SPP RE’s performance in relation to other Regional Entities, to rate overall performance, and to provide qualitative comments. Of the 21 respondents who interact with other Regional Entities, none rated SPP much worse, 5% rated SPP RE somewhat worse, 30% rated SPP RE about the same, 45% rated SPP RE somewhat better, and 20% rated SPP RE much better. When asked how well SPP RE’s programs and services meet expectations, respondents rated all with average scores in the meets expectations range between 3.2 and 3.6.

How well program meets expectations

Denotes the 2015 rating.

1.0 2.0 3.0 4.0 5.0

E-tools

Events & Assessments

Enforcement

CIP Monitoring

Registration & Certification

Ops & Planning Monitoring

Outreach

3.2

3.2

3.2

3.3

3.3

3.4

3.6

Fails to Almost Meets Exceeds Greatly Meet Meets Exceeds



1

2

2

1

1

1

4

1

1

1

10

15

17

7

6

10

30

31

23

25

23

19

5

14

10

23

15

17

2011

2012

2013

2014

2015

2016

1-Poor 2-Below Average 3-Average 4-Good 5-Excellent

When asked to rate employees’ customer service ability or programs’ responsiveness to needs, respondents rated all with average scores between average and excellent, from 3.9 to 4.4.

Customer Service/Responsiveness

Denotes the 2015 rating. The 2016 overall satisfaction rating of 4.0 is slightly down from last year’s rating of 4.1.

SPP RE Overall1

1 Stacked bar charts throughout this report indicate the number of respondents in each category, not the percentage. “N” represents the number of people who responded to that question, while “X” denotes the average response.

1 2 3 4 5

Enforcement

Registration & Certification

Events & Assessments

CIP Monitoring

Outreach

Ops & Planning Monitoring

3.9

4

4

4.2

4.2

4.4

n=58 x=4.1

n=60 x=4.0 n=47 x=3.8

n=46 x=4.1

n=56 x=3.6

n=48 x=4.0

Poor Below Average Good Excellent Average



Demographics

I choose not to take this survey because:

How often do you interact with SPP RE?

I do not work with SPP RE

enough to provide input

100%

Other25%

Weekly10%

Monthly44%

A few times per year42%

Rarely4%

Number reporting (n) =7

n=50



Interaction with other Regional Entities

Do you interact with other Regional Entities?

If "yes", how does SPP RE compare with the Regional Entities with which you interact most often?

Yes44%No

56%

Much worse

0%

Somewhat worse

5%

About the same30%

Somewhat better45%

Much better20%

n=48

n=20



Operations and Planning Compliance Monitoring

How well does our Operations & Planning (693) program meet your expectations? Please rate the Operations & Planning (693) staff's customer service ability (responsiveness, professionalism, problem solving, and communication skills): Please share your suggestions for improving our Operations and Planning (693) Compliance Monitoring program:

• IRA/ICE reviews are somewhat unclear as the value of this exercise.Im not sure many entities have bought into the time it takes to have an IRA/ICE and NERC plans to change this program. Granted the SPP-RE is at the mercy of NERC.

• It would be helpful if RE Staff would provide more guidance on how to comply with new Operations and Planning requirements. We typically only get presentations re-stating the language in the standard.

• I think they are doing an outstanding job and are all great to work with.

• Self-report process was well below my expectations in the timeliness and following

procedures.

• The IRA and ICE processes continue to evolve and develop. Team should remain open to Entity suggestions for improvements and increased transparency. Audit process is very good. Staff is professional and responsive.

• Communication needs to describe expectations and interpretations of new and revised standards.

2

1

1

5

1

1

12

13

14

23

7

13

13

13

2

3

1

4

IRA/ICE Reviews

Audits

Self-Reports

Self-Certifications

1-Failsto Meet

2- Almost Meets

3 - Meets 4-Exceeds 5- GreatlyExceeds

1 7 10 28Customer Service


n=42 x=3.4

n=30 x=3.4 n=29 x=3.7

n=46 x=4.4

Average=3.4

n=28 x=3.1



• We are a multi region facility, but there methods of reporting, reporting websites are different from each region. It is constantly duplicated work to keep up in both regions. Making sure that we are included in all the reporting sections we should be has been problematic.

• no issues

• ALL workshops should be made available by webex. The Spring workshop of 2016 was not available by webex. Also you need to have a better program in welcoming new people and getting them familiar with all the SPP contacts and resources within SPP. All newly registered Primary Contacts in OATI WebCDMS should get an orientation on SPP Compliance Enforcement where to find resources and where important information is stored.

• We are part of MRRE. I would suggest there is room for improvement regarding data submittals in terms of communications between the regions.

• Some conclusions on the IRA contradict conclusions in other related areas.

• We are now an MRRE with MRO as our lead. Many of these functions are now performed for us by MRO.

• I always enjoy reaching out to the staff at SPP for guidance. All SPP RE staff conducts themselves in a constructive manner and provided LAFA with positive insight and suggestions. The depth of suggestions SPP RE offers could only be provided by seasoned experts, and this information greatly benefit LAFA’s Compliance Program.

• Easy to talk to. I appreciate their availability to talk through the issues versus just emailing. Very personable and knowledgeable.



Critical Infrastructure Protection (CIP) Compliance Monitoring

How well does our CIP program meet your expectations? Please rate the CIP staff's customer service ability (responsiveness, professionalism, problem solving, and communication skills): Please share your suggestions for improving our CIP program:

• IRA/ICE reviews are somewhat unclear as the value of this exercise.Im not sure many entities have bought into the time it takes to have an IRA/ICE and NERC plans to change this program. Granted the SPP-RE is at the mercy of NERC.

• We are currently N/A but interactions explaining our situation were professional, and pleasant

• Availability of Staff is very limited. I realize that there are multiple Audits, IRA & ICE reviews, etc., however the CIP Staff is not nearly as responsive as the O&P Staff. There also seems to be a disconnect between the Audit and Enforcement teams.

• Same comments as above. I do believe there should be a focused effort on CIP RE Staff development and growth with Kevin's retirement not far off.

• The IRA questionnaire includes items that are no longer or not yet compliance obligations. This is confusing. In addition there are items that are not clearly defined so the entity makes assumptions.

• The CIP team has been readily available to answer questions during the CIP V5 transition

2

1

3

1

2

11

8

14

20

6

11

8

10

1

2

1

1

IRA/ICE Reviews

Audits

Self-Reports

Self-Certifications

1-Failsto Meet

2- Almost Meets


1 6 13 16Customer Service


n=32 x=3.3

n=22 x=3.6

n=23 x=3.0

n=36 x=4.2

Average=3.3

n=25 x=3.3



• I have not worked much with CIP at SPP to have an opinion or an observation other than it has not been intrusive.

• no issues

• Clarification on how Control Monitoring Rooms that control a fleet of assets should be registered not only for the Registered Entity but also internally within SPP.

• The rating above for "Audits" is based on Robert Vaughn's responsiveness to date related to pre-audit activities. The CIP audit is scheduled for later this. year.

• it is next to impossible as a MRRE to get a combined answer out of our lead region (RF) to CIP technical questions. Any assistance you can offer would be greatly appreciated.

• The CIP Outreach program is outstanding.

• We are now an MRRE with MRO as our lead. Many of these functions are now performed for us by MRO.

• All SPP RE staff conducts themselves in a constructive manner and provided LAFA with positive insight and suggestions. The depth of suggestions SPP RE offers could only be provided by seasoned experts, and this information greatly benefit LAFA’s Compliance Program. I never mind contacting the Staff at SPP as I feel like I am reaching out to anther entity rather than my enforcement authority.

• In the above question (CIP Compliance Monitoring staff's customer service ability), the responses may vary drastically. Though I understand this survey cannot rate individuals, the performance of individuals will affect the responses. Some staff need refresher training on professionalism. This is not a gripe or complaint, it is a factual statement.



Enforcement

How well does our Enforcement program meet your expectations? Please rate the Enforcement staff's customer service ability (responsiveness, professionalism, problem solving, and communication skills):

Please share your suggestions for improving our Enforcement program:

• Fortunately we have not had the opportunity to interact with the enforcement group. I'm sure they are the same quality as the rest of the RE staff which is great.

• Our current Mitigation process was extremely difficult. We had our own issues, however at least 4 of the Mitigation Plans that were accepted by SPP RE and approved by NERC were later rejected/reopened by Enforcement. During the process itself we received contradictory instructions and experienced numerous changes from Enforcement in how to address issues withing several plans. Just when it seemed that we were tracking, a change in view would occur and the Plan would have to be completely overhauled. We are interested in getting issues addressed and mitigated, however there was a superiority attitude expressed by Enforcement that often times didn't alighn with the guidance provide by the Audit Team from the Audit, Exit Presentation and Final Report. In the end, the Settlement document described our company as "uncooperative", when in fact we had been nothing but cooperative even in the face of the issues previously described. The process did take longer than we would have liked, however that is not all our fault. We were delayed by a "required" SRP, caught in the transistion to v5 from a December 2014 Audit and not provided consistent feedback from Enforcement. This does not excuse the violations assigned to our company, but given the size and lack of risk to the BES, is placing so much time and effort on one small entity that appropriate and effective. This approach used up a considerable amount of time and manpower on both sides that could have been avoided.

1 2 6 12 8Customer Service


1 4

2

3

14

10

11

6

5

4

2

2

Mitigation Plan processing

Violation (NOP) processing

FFT/Compliance ExceptionProcessing

1-Failsto Meet

2- Almost Meets


n=20 x=3.3

n=25 x=3.0

n=29 x=3.9

Average=3.2

n=19 x=3.4



The penalty amount for Settlement was not way out of line given the violations, however it was inconsistent give that in the previous Audit there were 60+ violations (every Standard, almost every Requirement) and a penalty amount was agreed upon of $100k. 13 violations in 2014 earned a $500k+ penalty assessment, which is not consistent with the previous Audit Settlement. We have demonstrated fully mitigative activities and have gone beyond what is required to achieve compliance. A couple overhaul of the company's CIP team and doubling size added to the hardware/software measures installed to enhance and improve the company's cyber security program. We are continuing to invest into the Compliance Program to enhance and improve its effectiveness and resilience, but don't seem to be getting much recognition for our efforts and actions. The staffing level was very low at the time of the Audit, and it has taken until the first of this year to increase staffin in the Compliance Department (from 1 to 3, a 4th is coming in 2017) and in the Control Center (from 3 to 7, 6 new people, 2 from Audit period moved on). In discussions with other Entities we have heard similar issues with Enforcement. However, no one knows how to address the situation and what actions are available to improve the situation for all. No one wants to make a complaint to NERC and would rather handle it internal to SPP, but it doesn't appear that SPP believe there is a problem and that is always the first step to conflict resolution. In my opinion, the SPP RE Enforcement Staff is undermanned and could use at least 1 more person on the CIP side to relieve the burden of work on the 1 individual currently handling the CIP Mitigation Plans. I believe that the current issues can be worked out if both sides are willing to work out the differences. My focus since becoming the Compliance Officer has been first to address our attitude and the Culture of Compliance in how we communicate internally and externally. I believe we have made significant progress in this area and have several reports from RE Staff that indicate so. The next step was to dig into the policies, processes and procedures that drive the internal compliance activities. That has, in most cases, been a slower and more challenging process, but is beginning to show signs of improvement (2016 O&P Audit only had 3 PVs, compared to many more and more significant failings in 2013). I have already mentioned the significant reduction in PVs from 2011 to 2014 for CIP Audits. We made 4 Self-Reports in 2016 and mitigated all as Mitigating Activities. We are scheduling 2 self-assessments of our CIP program in early 2017 to prepare for the CIP Audit in the fall. We expect to improve our performance further from the 2014 experience. This is a joint effort between SPP and the Entities to address reliability of the BES and minimization of risk. The best way to achieve this goal is through a non-adversarial approach with cooperation on both sides. Thank you for the opportunity to provide these comments. I would be willing to discuss any of these issues (or any others) with you at any time.

• Enforcement Staff is very professional and responsive. Good knowledge of subject matter.

• If the approach is supposed to be risk based then the same amount of documentation should not be expected for all issues processed.



• There have not been any need for mitigation as to my knowledge for this facility.

• Some minor problems remain in interpreting necessary mitigation action for the audit

violation language. Two causes: 1) Violation language is ambiguous and incomplete; 2) There is a significant amount of scope creep in assessing mitigation actions.

• We'd like to see all of the regions work to formalize the self-log program. We support the self-logging initiative; however, the execution has led to confusion. For example, reporting in a spreadsheet rather than CDMS has increased administrative burden and makes it more difficult to share information. Additionally, the lack of a formal mitigation plan has made it much more difficult to dialogue with the regions on proposed mitigation steps, which is an important collaboration point.

• All SPP RE staff conducts themselves in a constructive manner and provided LAFA with positive insight and suggestions. The depth of suggestions SPP RE offers could only be provided by seasoned experts, and this information greatly benefit LAFA’s Compliance Program.

• I have found over the past several years (from my perspective) staffing levels for Enforcement is inadequate. There have been positions that people have left, that remain unfilled for an extended period of time. However, the audit schedule has not scaled back or been reduced. It appears there is more emphasis placed on the number of audits and less emphasis on resolution of the audits results, through Enforcement.



Event Analysis and Reliability Assessments

How well do our Event Analysis/Lessons Learned and Reliability Assessment programs meet your expectations? Please rate our Event Analysis/Lessons Learned and Reliability Assessment staff's customer service ability (responsiveness, professionalism, problem solving, and communication skills):

Please share your suggestions for improving our Event Analysis/Lessons Learned and Reliability Assessment programs:

• As always evaluate the need of activities such as Events Analysis to make sure this is a group that is needed.

• We have not had the opportunity to interact with Event Analysis group, I'm sure they are the same quality as the rest of the RE staff which is great.

• Alan is always available to discuss possible events and provide guidance.

• Event analysis staff gathering information about generation outages from sources outside the company. When validated with staff within the company outage information was not correct. This process should be improved.

1 3 9 6Responsiveness


1

1

1 10

11

6

6

Event Analysis

Reliability Assessments

1-Failsto Meet

2- Almost Meets


2

2

1

1

22

23

10

8

3Event Analysis/LessonsLearned

Reliability Assessments

1-Failsto Meet

2- Almost Meets


n=18 x=3.2

n=18 x=3.2

n=19 x=4.0

Average=3.2



Outreach

How well does our Outreach program meet your expectations? Please rate our Outreach program's responsiveness to your needs: Please share your suggestions for improving our Outreach program:

• Emily does a great job of organizing and facilitating the RE Workshops.

• Continue to do what you are doing. Much of your success is based upon the speakers that volunteer for workshops.

• I am not big on the videos but all other Outreach is great. Emily (and RE Staff) do a great job with the workshops. Thanks.

• Videos need to be reviewed for applicability. Workshops need to communicate expectations verses reviewing what the new or revised standard includes.

• I deal more with our other region.

• no issues

• ALL workshops should be made available by webex. The Spring workshop of 2016 was not available by webex. Also you need to have a better program in welcoming new people and getting them familiar with all the SPP contacts and resources within SPP. All newly registered Primary Contacts in OATI WebCDMS should get an orientation on SPP Compliance Enforcement where to find resources and where important information is stored.

• We felt the CIP v5 Readiness Review was very beneficial to our organization.

1

1

1 1

20

15

22

21

22

12

5

6

3

Newsletters

Workshops

Videos

1-Failsto Meet

2- Almost Meets


1 1 5 16 20Responsiveness


n=39 x=3.4

n=47 x=3.6

n=43 x=4.2

1

Average=3.6

n=44 x=3.7



• Workshop - should address future NERC Standards/Revisions. Instead of reading the

requirements. SPPRE should discuss what type of evidence/documentation they would expect to see for compliance.



Electronic Tools

How well do our electronic tools meet your expectations? Please share your suggestions for improving our electronic tools:

• Web CDMS has improved over time, but its still not very operator friendly. The user interface is "clunky" at best. Over time experienced people get used to its "clunkyness" but a new user is at a whole new level of frustration when using it. I wish there was a more "windows friendly" interface developed.

• CDMS functions but only at an acceptable level. Once you have used if for a year or more,

you become familiar with how to make it work more effectively. There is a need for training (possibly a video) to assist people that are newly exposed to the system.

• Hard for an electronic tool to exceed expectations! • Only works with Explorer? • SPP .org website not quite as user friendly as it used to be. • There has been issues with having access to all sections of the SPP RE and EFT Server

related to my facility that took longer than it should have to clear up. • no issues • webCDMS is cumbersome to use and this intensifies if you are a large company. • The new SPP RE web-page has improved. • Uploaded data sometimes "disappears" from the EFT Server. • The Java-enabled version of the EFT server does not work well (which, admittedly, may be

an issue on our side), so the interface ends up being somewhat clunky and doesn't allow for multiple files to be uploaded.

1

1

2

3

5

4

29

26

27

12

9

13

3

2

2

RE webpages of SPP.org

EFT Server

webCDMS

1-Failsto Meet

2- Almost Meets


n=48 x=3.2

n=43 x=3.1

n=48 x=3.3

Average=3.2



• LAFA had to install a client software for the SPP EFT Server to work. The internet base tool

requires additional software to function properly. The webCDMS user interface feels clunky and transitioning data between years is not intuitive.

• WebCDMS is not as user friendly as it should be. Resources need to be allocated to make

improvements to webCDMS, because it is utilized by the Registered Entities frequently. • For multi registered entities, I desire that the Registered Entity could create a one page

dashboard that shows all its entities in the SPP footprint. • Ensuring that CDMS is updated in a timely manner when a violation is going through

different stages of disposition processing so that Registered Entities can have a better status reporting tool.



Registration and Certification

How well did SPP RE's processes meet your expectations?? Please rate the Registration & Certification staff's customer service ability (responsiveness, timeliness, technical expertise):

1

1

1

1

14

13

15

8

8

6

1

2

1

Registration

Certification

BES Definition

1-Failsto Meet

2- Almost Meets


1 1 5 10 9Responsiveness


n=24 x=3.2

n=23 x=3.5

n=26 x=4.0

Average=3.3 n=25 x=3.3



1

2

2

1

1

1

4

1

1

1

10

15

17

7

6

10

30

31

23

25

23

19

5

14

10

23

15

17

2011

2012

2013

2014

2015

2016


Overall Performance 2011-2016

The 2016 overall satisfaction rating of 4.0 was slightly lower than last year’s rating of 4.1.

n=58 x=4.1

n=60 x=4.0 n=47 x=3.8

n=46 x=4.1

n=56 x=3.6

n=48 x=4.0

Southwest Power Pool Regional Entity Qualitative Results


Qualitative - Dissatisfaction

Please share other comments regarding your dissatisfaction with SPP RE

• I believe there is still no separation between RTO and RE. Also, the Enforcement group is not independent of the Auditors.

• None

• There should be some common sense in regards to whether or not an entity should be registered or not. If an entity has no critical infrastructure, no critical CIP, no direct impact to the BES, there is should be no need to require the time/money a small entity is required to spend on all aspects of being registered with SPP or NERC.

• Please see previous comments with regard to Enforcement issues above in Section 3.

• ICE adoption has been slow but probably justified.

• Why bother. SPP is simply going through the motions.

• Pick 1 location or system to report documents to and stick with it. All webCDMS or all the other systems. Keep the system constant for at least a 10 year period. It feels like the format and tools are constantly changing for minimal if any improvement

• no issues

• For the Real and Reactive Power MOD-025 standard, other regions the BA plays much more of a role in coordinating entities for testing ie ISO-NE, PJM and NYISO. This involvement from the BA is not required by NERC, but is possibly why these regions have a robust real and reactive testing program. Sometimes the different regions can learn from each other.

• Please be more consistent with notifying Registered Entities of changes to the SPP RE Reporting Requirements document.

• Still a significant lag in interpreting CIP Standards.

• There has been a lack of stability with the CIP Compliance Staff and Enforcement, that appears to be magnified the past 12 months. A lot of knowledge and experience has be lost recently and it's frustrating to SPP staff and the entities that interact with.

• We've not encountered any problems.

Southwest Power Pool, Inc. Qualitative Results


Qualitative - Satisfaction

Please share other comments regarding your satisfaction with SPP RE:

• I commend your RE staff. They are most helpful to talk to on the phone and provide good

“interpersonal communication”. • SPP RE staff has been very responsive to any questions or issues. • RE Workshops have been very valuable. The time to network with Entity personnel and

especially RE Staff is very valuable. The RE CIP Staff has been exceptionally easy to engage in relevant discussions.

• Appropriate treatment of low risk issues (RBCM). • SPP RE personnel are readily accessible which is a big plus! • It may not be speedy, but SPP has resolved issues as they have occurred. • I have had no issue getting support from the SPP RE. I have been informed and up to date on

all things. • The audit interview process is very good. Not everything can be desk top and solely

explained in writing. The opportunity that SPP provides for Registered Entities to explain and ask questions saves a lot of misunderstandings.

• I have worked with Ron Losh on questions regarding our MOD standards testing for this

year. Ron has been very helpful with getting answers for us and getting us in contact with the right department at SPP.

• We appreciate the SPP RE Staff's efforts in preparing the workshops and ensuring the topics

presented are relevant and worthwhile. • I know SPP RE will keep me current on the happening in the NERC standards world. That

makes it easier to manage our company's compliance program for me. • CIP Outreach was very helpful to the extent firm answers were available.

Southwest Power Pool, Inc. Qualitative Results


Qualitative – Exceed Expectations

What specific things could we do to EXCEED expectations?

• I'm not sure what, something we ALL can do better is disseminate information internally to the group better on a regular basis... CIP to 693 as an example.

• Establish a more cooperative atmosphere. I tell people here that I'll be friendly but won't be their friend. The challenge here is to get other Entity staff to "buy in". I have stopped attending the SPP RTO Forum because it typically degenerates into a complaint session. On the contrary, the RE Workshop strives to be educational and informative.

• There are always areas for improvement but the SPP RE is doing good work in an ever evolving Regulatory environment. Thanks.

• Continue to consider and coordinate with other entities.

• Come up with a uniform reporting method between all regions, have common standards between regions, truly have only 1 report for the same standard (MRRE reporting has been hit or miss).

• SPP compliance enforcement orientation for all newly registered Primary Contacts in webCDMS. Better compliance enforcement reporting tool, webCDMS is very slow and cumbersome.

2016 RE Stakeholder Satisfaction Survey Results

October 24, 2016

Ron CiesielSPP RE General Manager

• Sent to 86 Primary Compliance Contacts

• 55 respondents– 7 were “opt outs”

• 64% response rate

• Frequency of interaction:

About the respondents

2

3

All averages in meets expectations range between 3.2 and 3.6

How well program meets expectations

Customer Service/Responsiveness

4

All averages between average and excellent, from 3.9 to 4.4

SPP RE Overall1

n=58 x=4.1

n=60 x=4.0 n=47 x=3.8

n=46 x=4.1

n=56 x=3.6

n=48 x=4.0

Overall Satisfaction Year-By-Year

5

Overall score of 4 is good

Interaction with other Regional Entities

6

Qualitative: Dissatisfied

7

• Independence between RE/RTO and Compliance/Enforcement

• Difficult mitigation process

• Internal Control Evaluations: Slow adoption, unclear value

• IRA questionnaire is confusing

• Entity without critical infrastructure or BES impact shouldn’t have to register

• Communicate new standard expectations rather than reviewing requirements

• webCDMS is cumbersome; issues with EFT server

• Self-report follow up is slow

• Formalize self-logging program

• Loss of expertise in SPP RE staff; need to prepare for Kevin Perry’s departure and fill open positions

• Better communication re: changes in reporting requirements

• Multi-regional entities: duplicative work; improve communication among REs

• Need orientation for newly registered Primary Compliance Contacts

Qualitative: Satisfied

8

• Staff are: accessible, responsive, helpful, knowledgeable, professional, personable, pleasant, outstanding

• Workshops are valuable

• Resolving issues as they occur

• Audit interview process is very good

• Appropriate treatment of low risk issues

• CIP outreach was very helpful

• Proactive communication about the compliance world

Next Steps

• SPP RE management and staff will discuss survey results

• Management and staff will develop action plan to address concerns

9

2017 CMEP Implementation PlanJim [email protected]

1

Compliance Monitoring and Enforcement Program (CMEP) Implementation Plan (IP)• Electric Reliability Organization (ERO) IP is the annual

operating plan– ERO includes NERC and the Regional Entities

• SPP RE’s Regional IP is Appendix A6 of the ERO IP

• NERC collects and reviews each region’s IP and posts in November

• During the implementation year, NERC and the Regional Entities may update the IP – Emerging issues

– Monitoring schedules2

ERO RISK ASSESSMENT PROCESS

3

ERO Risk Elements

SPP RE Risk Elements & IP

Registered Entity Risk Assessment

NERC Risk Element Process

• NERC Risk Elements Guide will be folded into a new NERC Guide for Risk-Based Compliance Monitoring Framework document

• Each year, ERO assesses Bulk Power System (BPS) reliability risks and emerging issues

• NERC develops a matrix and prioritizes risks based on facts and circumstances

4

NERC Risk Element Process

• NERC identifies standards/requirements and registration categories related to identified risks

• Out of the many NERC requirements, we are focusing on standards that:– Encourage proactive compliance to identified risks

– Strongly contribute to reliability

– If violated, have a moderate or significant impact on the BPS

• Results of these steps determined which risk elements went into the ERO IP

5

2015, 2016, 2017 Risk Elements Comparison

6

Table 2: Critical Comparison of 2015, 2016, and 2017 Risk Elements

2015 Risk Elements 2016 Risk Elements 2017 Risk Elements

CybersecurityCritical Infrastructure Protection

Critical Infrastructure Protection

Extreme Physical Events Extreme Physical Events Extreme Physical Events

Infrastructure MaintenanceMaintenance and Management of BPS Assets

Maintenance and Management of BPS Assets

Monitoring and Situational Awareness



Protection System Misoperations

Protection System Failures Protection System Failures Uncoordinated Protection Systems

Long-Term Planning and System Analysis

Event Response/Recovery Event Response/Recovery

Planning and System AnalysisPlanning and System Analysis

Human Error Human Performance Human PerformanceWorkforce Capability (N/A for 2017) (N/A for 2017)

ERO Risk Elements: Critical Infrastructure Protection (CIP)• Remains an area of significant importance

• Risk includes threats and vulnerabilities that result from(1) System downtime

(2) Unauthorized access

(3) Corruption of operational data

• Requirements:– BES Cyber System Categorization: CIP-002-5.1 R1, R2

– Electronic Security Perimeter(s): CIP-005-5 R1, R2

– Physical Security of BES Cyber Systems: CIP-006-6 R1, R2, R3

– Systems Security Management: CIP-007-6 R1, R2, R3, R57

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=CIP-002-5.1&title=Cyber%20Security%20%E2%80%94%20BES%20Cyber%20System%20Categorization&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=CIP-005-5&title=Cyber%20Security%20-%20Electronic%20Security%20Perimeter(s)&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=CIP-006-6&title=Cyber%20Security%20-%20Physical%20Security%20of%20BES%20Cyber%20Systems&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=CIP-007-6&title=Cyber%20Security%20-%20System%20Security%20Management&jurisdiction=United%20States

ERO Risk Elements: Extreme Physical Events• Acts of nature or man-made events that cause extensive

damage to equipment and systems

• Potential consequences are high enough to warrant increased focus

• Requirements:– Physical Security: CIP-014-2 R1, R2, R3

– Geomagnetic Disturbances: EOP-010-1 R1, R3

8

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=CIP-014-2&title=Physical%20Security

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=EOP-010-1&title=Geomagnetic%20Disturbance%20Operations

ERO Risk Elements: Maintenance and Management of BPS Assets

• Infrastructure maintenance

• Misalignment between design and actual construction

• We have seen a slight increase in vegetation-related outages

• Requirements:– Protection Systems: PRC-005-6 R3, R4, R5

– Facility Ratings: FAC-008-3 R6

– Vegetation Management: FAC-003-4 R1, R2, R6, R7

9

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=PRC-005-6&title=Protection%20System,%20Automatic%20Reclosing,%20and%20Sudden%20Pressure%20Relaying

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=FAC-008-3&title=Facility%20Ratings

http://www.nerc.com/pa/Stand/Reliability%20Standards/FAC-003-4.pdf

ERO Risk Elements: Monitoring and Situational Awareness • Operators must have the right tools and data to ensure

reliability

• Requirements:– Reliability Coordination - Current Day Operations:

IRO-005-3.1a R1, R2 (inactive 3/31/2017)

– Reliability Coordination Monitoring and Analysis: IRO-002-4 R3, R4 (Enforceable 4/1/2017)

– Monitoring System Conditions: TOP-006-2 R1, R2, R7 (inactive 3/31/2017)

– Transmission Operations: TOP-001-3 R10, R11 (Enforceable 4/1/2017)

10

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=IRO-005-2a&title=Reliability%20Coordination%20-%20Current%20Day%20Operations

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=IRO-005-3.1a&title=Reliability%20Coordination%20-%20Current%20Day%20Operations&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=TOP-006-2&title=Monitoring%20System%20Conditions&jurisdiction=United%20States

http://www.nerc.com/pa/Stand/Reliability%20Standards/TOP-001-3.pdf

ERO Risk Elements: Protection System Failures

• Ensure system protection is coordinated among operating entities

• Ensure misoperations are analyzed and mitigated

• Requirements:– System Protection Coordination:

PRC-001-1(ii) R3, R4, R5

– Protection System Misoperation Identification and CorrectionPRC-004-4(i) R1, R2

11

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=PRC-001-1.1(ii)&title=System%20Protection%20Coordination&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=PRC-004-4(i)&title=Protection%20System%20Misoperation%20Identification%20and%20Correction&jurisdiction=United%20States

ERO Risk Elements: Event Response/Recovery • Timely restoration following events and preventing

events by monitoring SOLs and IROLs

• Requirements:– Emergency Operations Planning: EOP-001-2.1b R1, R2, R3

(Inactive 3/31/2017)

– Emergency Operations: EOP-011-1 R1, R2 (Enforceable 4/1/2017)

– Reporting SOL and IROL Violations: TOP-007-0 R1, R2, R3, R4 (Inactive 3/31/2017)

– Transmission Operations: TOP-001-3 R12, R14 (Enforceable 4/1/2017)

– Reliability Coordination – Responsibilities: IRO-001-4 R1 (Enforceable 4/1/2017) 12

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=EOP-001-2.1b&title=Emergency%20Operations%20Planning&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=EOP-011-1&title=Emergency%20Operations&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=TOP-007-0&title=Reporting%20System%20Operating%20Limit%20(SOL)%20and%20Interconnection%20Reliability%20Operating%20Limit%20(IROL)%20Violations&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=TOP-001-3&title=Transmission%20Operations&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=IRO-001-4&title=Reliability%20Coordination%20-%20Responsibilities%20and%20Authorities&jurisdiction=United%20States

ERO Risk Elements: Planning and System Analysis

• Coordinated planning

• Requirements:– Capacity and Energy Emergencies: EOP-002-3.1 R4

(Inactive 3/31/2017)

– Operations Planning: TOP-002-4 R4, R5 (Enforceable 4/1/2017)

– Transmission System Planning Performance Requirements: TPL-001-4 R1, R2, R3, R4

– Establish and Communicate System Operating Limits: FAC-014-2 R1, R5

13

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=EOP-002-3.1&title=Capacity%20and%20Energy%20Emergencies&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=TOP-002-3&title=Operations%20Planning&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=TPL-001-4&title=Transmission%20System%20Planning%20Performance%20Requirements&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=FAC-014-2&title=Establish%20and%20Communicate%20System%20Operating%20Limits&jurisdiction=United%20States

ERO Risk Elements: Human Performance

• Reducing and preventing errors made by operations personnel

• Requirements:– Operating Personnel Communications Protocols:

COM-002-4 R5

– Operations Personnel Training: PER-005-2 R3, R4

14

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=COM-002-4&title=Operating%20Personnel%20Communications%20Protocols&jurisdiction=United%20States

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=PER-005-2&title=Operations%20Personnel%20Training&jurisdiction=United%20States

SPP RE RISK ELEMENTS AND IMPLEMENTATION PLAN

15

ERO Risk Elements



SPP RE Risk Elements

• SPP RE-specific risk elements based on:– Compliance findings

– Regional events

– Regional assessments

– SPP RE staff’s professional judgement

16

2017 SPP RE Risk Elements: Voltage Support

• Due to the number of Self-Reports indicating failure to maintain reactive support and voltage control

• Ensuring generators provide reactive support and voltage control to protect equipment and maintain reliable operation– Generator Operation for Maintaining Network Voltage

Schedules: VAR-002-4/R1, R2

17

http://www.nerc.com/_layouts/PrintStandard.aspx?standardnumber=VAR-002-4&title=Generator%20Operation%20for%20Maintaining%20Network%20Voltage%20Schedules&jurisdiction=United%20States

Additional Areas of Focus for ERO Risk Elements• SPP RE is expanding 4 ERO Risk Elements

– Critical Infrastructure Protection CIP-004-6 R4, CIP-007-6 R4

– Maintenance and Management of BPS Assets FAC-008-3 R1, R2, R3

– Event Response/Recovery EOP-008-1 R1, R4

18

SPP RE Implementation Plan• SPP RE IP, Appendix A6 in ERO IP, will be posted by

Nov. 1

• Continue to engage Registered Entities that request Internal Control Evaluations, Self-Logging and Coordinated Oversight Program for Multi-Regional Registered Entities

• SPP RE will continue to develop and refine tools and templates used for compliance monitoring

• SPP RE will continue to collaborate with NERC, other REs and Registered Entities to identify changes to enhance processes

19

SPP RE IP

• SPP RE CIP monitoring will focus on Registered Entities with high, medium, and low impact BES Cyber Systems

• Periodic data submittals, and Self-Certification according to the SPP RE 2017 Reporting Requirements Schedule

20

REGISTERED ENTITY RISK ASSESSMENT

21

ERO Risk Elements



Inherent Risk Assessment

22

jim

IRA Risk Factors

• When developing IRAs, we apply 18 risk factors to the Registered Entity, such as its critical transmission and load– These risk factors are common across all REs, with some

regional differences

• Each risk factor has criteria for high, medium and low risk

• Each risk factor has associated standards and requirements

23

18 Common Registered Entity Risk Factors

24

Risk Factors ApplicabilityUFLS Equipment TO, DPUFLS Development and Coordination PCUVLS TOP, TO, DPLoad TO, TSP, DP

Transmission Portfolio TO, TOP, BA, RC, TP, PC, Specific GO (as found in applicability sections about long lead lines)

Voltage Control TO, TOP, GO, GOPLargest Generator Facility GOVariable Generation BATotal Generation Capacity GO, GOPPlanned Facilities TO, GO, TP, RP

CIP - Control Center Influence RC, BA, TOP, TO, GOP, GO, DPCIP Connectivity RC, BA, TOP, TO, GOP, GOCritical Transmission TO, TOP, BA, RC, TP

BA Coordination BA

RAS/SPS TO,GO,DP,RC,TOPWorkforce Capability TOP, BA, RC, GOPMonitoring and Situational Awareness Tools TOP, RC, BA, GOP

System Restoration RC, TOP, GO, GOP, DP

SPP RE Inherent Risk Assessments (IRA)

• 2016 SPP RE goal is to initiate all Registered Entities IRAs

• “Inherent” is what the Registered Entity is:– Control centers, transmission levels, generation, load, etc.

• We consider performance:– Compliance history, compliance culture, events

• We put this information into risk factor spreadsheet to determine where entity is on each risk factor

25

Compliance Oversight Plan

• SPP RE will determine a Registered Entity’s Compliance Oversight Plan based on its IRA

• Compliance Oversight Plan includes:

– Interval

– Method

– Scope of monitoring activities

• Registered Entities on 2017 monitoring schedule will have IRAs refreshed

26

Compliance Oversight Plan• Monitoring Methods

– On-site audits, Off-site audits, Spot-Checks

– Self-Certification may be required in conjunction with other monitoring activities

– Registered Entity is responsible for self-monitoring all applicable requirements

• Monitoring Scope– Determined by Registered Entity’s IRA

– Not limited to the ERO and SPP RE Risk Elements and associated standards

27

2017 Compliance Monitoring Interval

• BA/TOP/RC will continue 3-year cycle

• Registered Entities that had a previous compliance monitoring activity 6 years ago

• SPP RE determines a Registered Entity’s IRA indicates the need for monitoring interval to be more frequently than every 6 years

• Every Registered Entity will be monitored at least every 6 years

28

THE SCHEDULE

29

2017 Implementation Plan – Ops & Planning

30

Entity Name Type of Monitoring

City Utilities Of Springfield, MO (SPRM) O&PAES Shady Point, LLC (AESSP) O&PKansas Electric Power Cooperative, Inc. (KEPC) O&PCentral Valley Electric Cooperative, Inc. (CVEC) O&PCity Of Gardner (GARDNER) O&POklahoma Gas And Electric Co. (OKGE) O&PCity Of Ottawa (OTTAWA) O&PFarmers' Electric Cooperative, Inc. Of New Mexico (FARMCOOPNM) O&PGrand River Dam Authority (GRDA) O&PGreen Country Energy, LLC (GREENCOGO) O&PGreen Country Operating Services, LLC (GREENCOGOP) O&POneta Power, LLC (ONETA) O&PRita Blanca Electric Inc. O&PUSACE - Kansas City District (COEKS) O&PLlano Estacado Wind, LP (LLANOEWIND) SPPRE LRE O&P-MRRE-SPPNorthern Iowa Wind Power 1, LLC SPPRE LRE O&P-MRRE-SPPSouthwestern Power Administration (SWPA) O&PLouisiana Energy & Power Authority (LEPA) O&PLafayette Utilities System (LAFA) O&PLubbock Power And Light (LPLTX) O&PThe Empire District Electric Company (EDE) O&P

2017 Implementation Plan - CIP

31

Entity Name Type of Monitoring

The Empire District Electric Company (EDE) CIP Cleco Corporation (CLECO) CIP Midwest Energy, Inc. (MIDW) CIP Caney River Wind Project, LLC (CRWP) CIP Sikeston Board Of Municipal Utilities (SIKESTONMO) CIP City Of Ottawa (OTTAWA) CIPDogwood Power Management, LLC (DPM) CIP North American Energy Services - Dogwood (NAESDOGW) CIP Green Country Energy, LLC (GREENCOGO) CIP Green Country Operating Services, LLC (GREENCOGOP) CIP Lubbock Power And Light (LPLTX) CIP Kansas City Power & Light Company (KCPL) CIP Llano Estacado Wind, LP (LLANOEWIND) SPPRE LRE CIP-MRRE-SPPNorthern Iowa Wind Power 1, LLC SPPRE LRE CIP-MRRE-SPPFlat Ridge 2 Wind Energy LLC (FRWEII) CIP KODE Novus Wind I, LLC (KODE) CIP Canadian Hills Wind, LLC (CHW) CIP NAES Corporation - Goodman Energy Center (NAESGEC) CIP Post Rock Wind Power Project, LLC (PRWP) CIP Board Of Public Utilities (Kansas City KS) (BPU) CIP Spearville 3, LLC (SPEAR3) CIP Spinning Spur Wind, LLC (SPINSPUR) CIP

2017 Coordinated Oversight

32

Coordinated Oversight Type of Monitoring

American Electric Power Service Corp. (AEPW) / RF LRE CIP-MRREArbuckle Mountain Wind Farm LLC (AMWF) / RF LRE O&P/CIP-MRREBlue Canyon II Windpower LLC (BCWII) / RF LRE O&P/CIP-MRREBlue Canyon Windpower LLC (BCWI) / RF LRE O&P/CIP-MRREBlue Canyon Windpower V, LLC (BCWV) / RF LRE O&P/CIP-MRREBlue Canyon Windpower VI, LLC (BC6) / RF LRE O&P/CIP-MRRECimarron Windpower II, LLC (CIMW) / Texas RE LRE O&P/CIP-MRRECloud County Wind Farm, LLC, (CCWF) / RF LRE O&P/CIP-MRREDuke Energy Generation Services, Inc. (DEGS) / Texas RE LRE O&P/CIP-MRREIronwood Windpower, LLC (IRONWOOD) / Texas LRE O&P/CIP-MRREITC Great Plains, LLC (ITCGP) / RF LRE O&P/CIP-MRRE

Southwestern Public Service Co. (Xcel Energy) (SPS) / LRE MRO O&P/CIP-MRRE

Waverly Wind Farm LLC (Waverly) / RF LRE O&P/CIP-MRRE

2017 Implementation Plan• IP development:

– ERO Risk Elements

– SPP RE Risk Elements

– Registered Entity Inherent Risk Assessment

– Compliance Oversight Plan

• We have covered many of the new standards in previous workshops and videos:– 2015 workshop materials

– 2016 workshop materials (on left)

– Video Library

• 2017 Compliance documents will be posted here 33

https://www.spp.org/spp-documents-filings/?id=20274

https://www.spp.org/regional-entity/outreach/

https://vimeopro.com/sppcompliance/re

https://www.spp.org/spp-documents-filings/?id=74981

1

CIP UpdateOctober 24, 2016

Kevin B. PerryDirector, Critical Infrastructure Protection

CIP Update – Audit Schedule

• CIP V5 Revisions (V6) became effective 7/1/16 for High and Medium Impact BES Cyber Systems.

• CIP Compliance Audit Schedule:– 2016 CIP Compliance Audits:

Three audits and one spot check completed.

Last audit of the year scheduled in November.

– 2017 CIP Compliance Audits: 35 Registered Entities scheduled for CIP audits (15 MRRE).

Includes three audits pushed into 2017 due to delayed effective date of the Revised CIP V5 Standards.

No word yet on any FERC-led CIP compliance audits.

2

CIP Update – CIP Revisions

• Order 822 Standards Drafting Team working actively working on additional revisions.– FERC Order 822 requires revisions to the definition

of Low Impact External Routable Connectivity (LERC) to be submitted no later than 3/31/2017.

– Modifications being made to CIP-003-6 to address FERC directive on LERC.

– Modifications being made concurrently to CIP-003-6 to add management of Transient Cyber Assets used with Low Impact BES Cyber Systems.

3


• The LERC revisions failed on the first ballot

• New revisions have been developed and are in final preparation for balloting.

– Eliminates the need for the term Low Impact Electronic Routable Connectivity (LERC) and Low Impact BES Cyber System Electronic Access Point (LEAP).

– Revised Requirement incorporates concepts.

4

Ballot Non-binding Poll

Name Quorum / Approval Quorum / Supportive Opinions

CIP-003-7 85.00% / 41.54% 83.18% / 37.73%

CIP-003-7 implementation plan 84.37% / 41.77%

LERC and its definition 84.62% / 30.63%


• Revised requirement (Attachment 1, Section 3):

Permit only necessary inbound and outbound electronic access as determined by the Responsible Entity for any communications that are:

– between a low impact BES Cyber System(s) and a Cyber Asset(s) outside the asset containing low impact BES Cyber system(s);

– using a routable protocol when entering or leaving the asset containing the low impact BES Cyber System(s); and,

– not used for time-sensitive protection or control functions between intelligent electronic devices (e.g. communications using protocol IEC TR-61850-90-5 R-GOOSE) 5


• CIP-003-7, containing only the LERC modifications, posted for comment and ballot here– 45-day comment period open through 8:00 PM Eastern,

Monday, December 5, 2016.

– Balloting will be conducted November 23 – December 5, 2016

– Will include a non-binding poll of the associated Violation Risk Factors and Violations Severity Levels.

6

http://www.nerc.com/pa/Stand/Pages/Project%202016-02%20Modifications%20to%20CIP%20Standards.aspx


• Transient Cyber Assets and Removable Media used with Low Impact BCS– Proposed as Section 5 to Attachment 1 of CIP-003-6

– Entity managed Transient Cyber Assets require use of anti-malware or white listing

– 3rd party Transient Cyber Assets require review of 3rd

party methods deployed to mitigate the introduction of malicious code

– Removable Media requires method to detect malicious code and process to mitigate any detected malware before use with a BES Cyber System.

7

CIP Update – Supply Chain Management

• Standard Drafting Team established to address FERC Order 829 requiring the development of a new or modified standard to address “supply chain risk management for industrial control system hardware, software, and computing and networking services associated with bulk electric system operations.”

• Standards Authorization Request posted for 30-day informal comment period (closes 8 p.m. Eastern, Friday, November 18, 2016).

• Standard must be submitted to FERC by September 27, 2017.

8


• The new Reliability Standard is expected to address the following security objectives:(1) software integrity and authenticity;

(2) vendor remote access;

(3) information system planning; and

(4) vendor risk management and procurement controls.

9


• Cyber Security Supply Chain Management Technical Conference announced.– November 10, 2016 | 9:00 a.m. – 4:00 p.m. Eastern

Grand Hyatt Atlanta in Buckhead, Atlanta, GA

– In Person Registration needs to be completed no later than Friday, November 4. 2016.

– Can also participate by Webinar. Dial-in: 1-855-655-9244 Conference ID Code: 6398643 Broadcast Audio Available

10

https://www.eventbrite.com/e/project-2016-03-cyber-security-supply-chain-management-technical-conference-registration-28785291582

https://cc.readytalk.com/r/21t36pdeyhy6&eom

CIP Update – CIP V5/V6 Violations since 7/1

11

• Summary of violations per Region and StandardStandard FRCC MRO NPCC RF SERC SPP RE TRE WECCCIP-002-3 1CIP-002-5.1 1 2 3 4 1 2CIP-003-3 6CIP-004-3 6CIP-004-6 5 2 2 6 3 1CIP-005-3a 2CIP-005-5 3 4 3 6CIP-006-3c 7CIP-006-6 1 1 3 10 3 7CIP-007-3a 10 6CIP-007-6 2 5 7 7 3 1 6CIP-008-5 3CIP-009-6 1 1CIP-010-2 7 7 4 3 2CIP-011-2 2 1CIP-014-2 1 1Total 2 29 12 31 63 16 6 16


• Breakout of violations by discovery type

12

Source FRCC MRO NPCC RF SERC SPP RE TRE WECC

Self-Reported 2 29 12 25 58 9 6 16

RE Found 0 0 0 6 5 7 0 0

Self-Reported 100% 100% 100% 81% 92% 56% 100% 100%

RE Found 0% 0% 0% 19% 8% 44% 0% 0%


• Breakout of violations in SPP RE Region

13

Standard/Rqmt. SPP RECIP-002-5.1 R1. 1CIP-004-6 R4. 1CIP-004-6 R5. 2CIP-005-5 R1. 4CIP-005-5 R2. 2CIP-007-6 R1. 1CIP-007-6 R2. 1CIP-007-6 R5. 1CIP-010-2 R1. 3Total 16

System Events

Alan WahlstromLead Engineer

October 24, 2016

1

SPP Regional Events (July 1–September 30)

• 3 events occurred in the SPP region Q3-16

• All events were in the lowest assignable risk category – Two category 1a. Loss of three or more elements

– One category 1h. Partial loss of EMS

2

115 KV Line Fault– Event Category 1a

• Two structures down due to 70 mph wind gusts

• Breaker failed

• Second breaker reclosed three times and stayed closed

• Four misoperations

• 100 MW load lost

3

Loss of ICCP Link

• ICCP link quit sending or receiving data with RTO

• RTO rebooted their routers and restarted ICCP link

• Later the next day ICCP link failed a second time

• Utility recognized a firewall firmware update was applied the morning of the first ICCP link failure

• Firmware was rolled back no other incidents happen

4

Loss of Two Transmission Lines and Generator

• Maintenance was performed to upgrade breaker failure relays

• Cross arm fell causing a fault on A phase

• Maintenance forgot to connect the primary and secondary trip circuits on one of the breakers on ring bus

• 75 MW generation lost, no load was lost

5

NERC LESSONS LEARNED

6

Line Relay Coordination

• Loss of three 345 KV transmission lines due to a phase-to-ground fault

• Fault on one line resulted in a misoperation that tripped a second line

• As a result of these two lines tripping, the third line was open-ended due to the station bus configuration

• Prior to the event, equipment failure resulted in the permissive overreaching transfer trip (POTT) relay communication system being out of service at Substation 1

7

Lesson Learned

• Entity 1 and Entity 2 will now require all relay work associated with tie lines be reviewed by both relay departments, regardless of which entity initiates the work

• When relay work is conducted on any tie-line facilities (circuits that terminate in different entity substations), special care should be taken to ensure policies and maintenance practices of both entities are the same

9

NERC Facility Ratings Alert Cost

• Evaluation and assessmentsApproximately $18,000,000

10

Oscillation Event Affecting SPP and Neighboring Regions

Mike NugentOperations Engineer

Topics

12

• PMU Technology Background

• Overview of Event

Background

13

What are Synchrophasors?

14

• Synchrophasors are time-synchronized measurements of magnitude and phase angle of voltage and current

• They are measured by devices called Phasor Measurement Units (PMUs) that record samples 30 to 60 times a second

• These devices also measure system frequency

• Synchrophasor technology will be used for real-time operations and off-line engineering analysis

15

PMU vs. SCADA Technology• PMUs sample data at 30-60 times per second, while SCADA

samples once every 4-10 seconds.

• SCADA readings come in from different locations at different times (skew).

• PMU measurements are geo-synchronized to the millisecond

• This means PMU measurements can be compared across the grid to measure system dynamics and analyze disturbances

Source: EIA, 2012

System Oscillation Stability

16

Event Overview

17

Event Overview In early 2016, a sustained 1.4Hz oscillation was picked

up by PMUs inside and outside of SPP

Strongest oscillation lasted 7-8 minutes and affected multiple generating units in SPP and neighboring regions

Hydro unit tripped at height of the oscillation event

Oscillations disappeared immediately after

Oscillations returned minutes later but at a lower magnitude, eventually damping with no other unit loss

SCADA is not polling fast enough (every 4-10s) to pick up these frequency oscillations (1.4Hz = 0.71s)

18

FFT Analysis of 1.4Hz Oscillation

We see this 1.4 Hz mode present multiple times throughout the week of the event

Same or similar modes have been observed since then, at low magnitudes

Something caused the underlying 1.4Hz mode to become unstable, causing multiple units to react

19

1.0

1.2

1.4

1.6

1.8

2.0

2.2

2.4

0 1 2 3 4 5 6 7

Hz

Day of Week

Frequency of Oscillation

00.05

0.10.15

0.20.25

0.30.35

0.40.45

0.5

0 1 2 3 4 5 6 7

Max

FF

T M

ag (i

n D

egre

es) i

n

1-M

inu

te W

ind

ows

Day of Week

Magnitude of Oscillation

20

Unit MW Swings• Several resources had MW swings at the same time. • Graph shows a hydro unit tripping off around 09:27 and the system

swings stopping immediately after• The swings return later and dampen with the hydro unit remaining

online.

21

Unit MW Swings – Hydro PlantUnits at this hydro facility swung ~30MW each.

One of the units tripped off around 9:27.

It is difficult to tell from SCADA if the units were swinging together or against each other

22

Geographic Overview of Unit MW Swings from SCADA

PMU Graphs

23

24

Oscillation Begins (09:23)

Oscillation Ends (09:28)

PMU Observed Frequency

25

PMU Voltage and Current Magnitude

Current

Voltage

0.726kV Voltage Swing @ 09:27

18.2A Current Swing @ 09:27

26

PMU Phase Angle

35 Degree Phase Angle Swing @ 09:27

27

Oscillation Energy vs MW Swings (2 hour window)Unit MW Swings

Analysis Root cause of oscillation is still unknown

1.4Hz mode is in a frequency band normally associated with local generator control issues

Generator owners were contacted and confirmed no controls settings had been changed

Others in industry have seen 1.4Hz oscillations with hydro units

There are limited PMU devices available in the affected area, limiting ability to pinpoint source of oscillation

Future connections to neighbor’s PMU data will help

SPP is continuing to monitor available PMU signals in the area for future oscillations

We hope to be able to attribute these oscillations to system changes or events

28

29

References Diagnosing Equipment Health and Misoperations with PMU

Data: https://www.naspi.org/File.aspx?fileID=1417

Dmitry Kosterev, BPA - Oscillations in Power Systems: https://www.wecc.biz/Administrative/18%20Kosterev%20BPA%20Oscillation%20Damping.pdf

https://www.naspi.org/File.aspx?fileID=521


https://www.wecc.biz/Administrative/18%20Kosterev%20BPA%20Oscillation%20Damping.pdf


30

Questions?

Mike NugentSenior Operations [email protected] 501.688.1737

1

Enforcement UpdateOctober 24, 2016

Joe GertschManager of Enforcement

Enforcement Monthly Violation Processing

3

4

Enforcement Processing Methods

SPP RE Caseload – September 30, 2016• 186 - Active SPP RE Violations

19 - Settlement133 - Settlement Not Requested (NAVAPS/NOCV)34 – Multi Region Registered Entity (MRRE) - SPP RE Lead on 1274 – PRC-019, PRC-024, MOD-025

• 124 - 693 Violations

• 62 - CIP Violations

• Discovery Method37 - Audit74 - Self Report69 - Self Certification3 – Spot Check3 - Log

5

Caseload Aging

• SPP RE – 164 violations

• Average age - 127 daysAge (days) Violations

> 300 31201 – 300 2101 – 200 1251 – 100 21

1 - 50 98

• Pre-2015 violations: 14

• MRRE: 22 violations, average age - 549 days

6

SPP RE 2016 Violation Dismissals

Consolidation with another violation ……………………. 3

NERC V3 – V5 Guidance (approach 2) …………………….. 1

Self-Report wrong standard and/or requirement……. 0

Provided exculpatory evidence ……………………………… 1

Incorrect Interpretation of Standard ……………………… 7

Total 12

7

September Mitigation Plan Summary

• Mitigation Plan Status (month/year)Submitted 12/38

Accepted 6/33

Certified Complete 6/27

Completion Verified 1/32

Mitigating Activity Completed 4/28

• Active Violations with no Mitigation PlansInitiated 114 (74)

8

Active Violations without Mitigation Plans

9

Active Violations without Mitigation Plans

• Discovery MethodCompliance Audit 10Spot Check 3Self- Certification 4 (61)Self-Report 22 (13)Log 1

• Average age - 73 daysAge (days) Violations

> 300 3201 – 300 0101 – 200 551 – 100 10

1 - 50 22

10

Mitigation Plan Submissions

11

Mitigating Activity Submissions

12

13

Joe GertschManager of [email protected]

1

General Manager’s ReportSPP RE Trustees MeetingOct. 24, 2016

Little Rock, AR

Ron CiesielSPP RE General Manager

Violations by Year

2

GO/TO Self Certification, September 2016

• New standards effective 7/1/16 with phased-in implementation

– MOD-025-2 – Verification of Generator Real and Reactive Power Capability and Synchronous Condenser Reactive Capability

– PRC-019-2- Coordination of Generating Unit or Plant Capabilities, Voltage Regulating Controls and Protection

– PRC-024-2 – Generator Frequency and Voltage Protective Relay Settings

• 40% of applicable generation units capability tested or settings verified by 7/1/16

• Based on each NERC registration– e.g. Entity registers one wind farm; it needs to be fully

compliant by 7/1/163

http://www.nerc.com/files/MOD-025-2.pdf

http://www.nerc.com/pa/Stand/Reliability%20Standards/PRC-019-2.pdf


Self-Certification/Self-Reports Q3-16

• 81 violations reported– MOD-025-2: 34 violations

– PRC-019-2: 18 violations

– PRC-024-2: 29 violations

• Reasons:– Did not understand Implementation Plan

– Arranging outages for testing

– Awaiting third-party availability for testing

4

5

Most Violated StandardsBased on rolling 12 months through 9/30/16 [Represents ~ 84% of total violations]

The current period is the most recent 12 months.The previous period is the previous 12 months.* 2016 NERC Top 10

SPPRE

RankStandard Description

ViolationsCurrent Period

ViolationsPrevious Period

∆ Risk Factor

1 MOD-025 Generator Capability Testing 34 0 +34 Medium

2 PRC-024 Generator Relay Settings (Hz & V) 29 0 +29 Med./Lower

3* PRC-005 Protection System Maintenance 19 5 +14 High/Med.

4 PRC-019 Generator Regulating Controls 18 0 +18 Medium

5* CIP-007 Systems Security Management 8 16 -8 Medium

6* CIP-004 Personnel & Training 7 4 +3 Med./Lower

7 CIP-005 Electronic Security Perimeters 7 12 -5 Medium

8* VAR-002 Network Voltage Schedules 6 6 0 Med./Lower

9* FAC-008 Facility Ratings 5 4 +1 Med./Lower

10* CIP-006 Physical Security - Cyber Assets 3 9 -6 Medium

All SPP RE Top 10 Total Incoming 136 56 +80

VEGETATION CONTACTS

REPORTABLE ACTIONABLE

NERC Q2-2016 Q3-2015(Q2-2016 LAST

OFFICIAL REPORT)

SPP RE Q4-2015 Q3-2010(Q2-2016 LAST

OFFICIAL REPORT)

6

SPP RE Misoperation Report as of Q2-16

Causes of Misoperations Q2-14 to Q2-16

Success Rate by Voltage Category

Misoperations by Type

Risk-Based Compliance• 40 Inherent Risk Assessments (IRA) completed

– Summary report submitted to NERC

• 4 Internal Control Assessments completed– Removed requirements from auditors’ review

– Reduced sample size

• Operations & Planning has completed:– 3 of 4 on-site audits

– 14 off-site audits

9 off-site completed

IRAs reduced 4 off-site audits to Spot-Checks

• CIP completed 3 of 4 on-site V6 audits that began in July 11

12

New Standards: January 1, 2017

• IRO-010-2 Reliability Coordinator Data Specifications and Collection (Requirements R1 and R2)

• TOP -003-3 Operational Reliability Data (all Requirements except R5)

http://www.nerc.com/pa/Stand/Reliability%20Standards/IRO-010-2.pdf


New Standards: April 1, 2017

• CIP-003-6-Cyber Security-Security Management Controls (Requirements 1.2-2)

• CIP-010-2 – Cyber Security Configuration change Management and Vunerability Assessments (Requirement 4)

• EOP-004-3 – Event Reporting

• EOP-010-1 — Geomagnetic Disturbance Operations

• EOP-011-1 – Emergency Operations

• FAC-010-3 – System Operating Limits Methodology for the Planning Horizon

13

http://www.nerc.com/pa/Stand/Reliability%20Standards/CIP-003-6.pdf


http://www.nerc.com/pa/Stand/Reliability%20Standards/EOP-004-3.pdf




New Standards: April 1, 2017• FAC-011-3 – System Operating Limits Methodology for

the Operations Horizon

• IRO-001-4 – Reliability Coordination: Responsibilities

• IRO-002-4 – Reliability Coordination: Monitoring and Analysis

• IRO-008-2 – Reliability Coordinator Operational Analyses and Real-time Assessments

• IRO-010-2 – Reliability Coordinator Data Specification and Collection (Requirement R3)

• IRO-014-3 – Coordination Among Reliability Coordinators

14







New Standards: April 1, 2017• IRO-017-1 – Outage Coordination

• MOD-029-2a – Rated System Path Methodology

• MOD-030-3 – Flowgate Methodology

• PRC-010-1 – Undervoltage Load Shedding

• PRC-015-1 – Remedial Action Scheme Data and Documentation

• PRC-016-1 – Remedial Action Scheme Misoperations

• PRC-017-1 – Remedial Action Scheme Maintenance and Testing

15


http://www.nerc.com/pa/Stand/Reliability%20Standards/MOD-029-2a.pdf

http://www.nerc.com/pa/Stand/Reliability%20Standards/MOD-030-3.pdf






• PRC-023-4 – Transmission Relay Loadability

• TOP-001-3 – Transmission Operations

• TOP-002-4 – Operations Planning

• TOP-003-3 – Operational Reliability Data (Requirement R5)

16






• PRC-004-5(i) – Protection System Misoperation Identification and Correction

• PRC-010-2 – Undervoltage Load Shedding

17



New Standards: July 1, 2017

• CIP-004-6-Cyber Security – Personnel & Training (Requirements 2.3,4.3, 4.4)

• CIP-006-6-Cyber Security - Physical Security of BES Cyber Systems (Requirement 3.1)

• CIP-008-5-Cyber Security – Incident Reporting and Response Planning (Requirement 2.1)

• CIP-009-6-Cyber Security – Recovery Plans for BES Cyber Systems (Requirement 2.1-2.2)

• CIP-010-2-Cyber Security Configuration Change Management and Vulnerability Assessments (Requirement 3.1)

18






New Standards: July 1, 2017

• MOD-033-1 — Steady-State and Dynamic System Model Validation

19

http://www.nerc.com/pa/Stand/Reliability%20Standards/MOD-033-1.pdf

New Standards: Oct. 1, 2017

• None

20

1

SPP RE 3rd Quarter Financial ReportOctober 24, 2016

Ron CiesielRE General Manager

2016 3rd Quarter Actuals vs. Budget• Total expenses ~$562k under budget

– Personnel Expenses ~$181k under budget

– Meeting/Travel Expenses ~$234k under budget

– Professional Services ~$137k under budget

– SPP, Inc. Overhead Charge ~$10k under budget

2

$0

$1,000

$2,000

$3,000

$4,000

$5,000

Personnel Meetings/Travel Prof. Services SPP, Inc.

Thou

sand

s

Year-To-Date Expenditures Budget

Overview

• SPP RE has four open staff positions: – Compliance Director – Open at end of 2015; not seeking

candidates

– Law Clerk – Open Q2; not seeking candidates

– CIP Auditor – Open via attrition Q2; hired replacement in September; start date November

– O&P Auditor – Open via attrition Q3; candidates will be sought later this year

• Open positions drive a large percentage of actual-to-budget variance; impacts personnel and travel expenses

3

Overview, cont.• Contractor/Consultant/Professional Service costs

below budget – CIP V5 Implementation Delay

4 Audits Scheduled for 2016 moved to 2017

– Increasing staff experience Pre-audit work, including Inherent Risk Assessment activities,

leading to reduced time onsite or reduction in audit team size

– Engineering Data Validation Tool Development halted Q1; need for tool still exists

New vendor selected; work to begin late 2016

Project completion expected in 2017

4

Year-End Projection• At the end of Q3, SPP RE projects to be under budget

by $700k– Change in SPP, Inc. charge has reduced previous year

variances; no variance projected

– Personnel expenses ~$200k under budget

– Meeting/travel expenses ~$300k under budget

– Professional services ~$200k under budget

5

SOUTHWEST POWER POOL REGIONAL ENTITYSTATEMENT OF ACTIVITIES

2016 SEPTEMBER YTD DRAFT (UNAUDITED)

(In Whole Dollars)2016 SEPT YTD

ACTUAL2016 SEPT YTD

BUDGET VARIANCE2016 FULL YEAR

PROJECTION2016 FULL

YEAR BUDGET VARIANCEFunding

ERO Funding 6,470,063 6,470,063 - 8,626,751 8,626,751 - Penalty Sanctions 144,750 144,750 - 193,000 193,000 - Total SPP RE Funding 6,614,813 6,614,813 - 8,819,751 8,819,751 -

Testing Fees - - - - - - Workshops - - - - - - Interest 3,184 - 3,184 3,184 - 3,184 Miscellaneous - - - - - -

Total Funding (A) 6,617,997 6,614,813 3,184 8,822,935 8,819,751 3,184

ExpensesPersonnel Expenses

Salaries 2,688,376 2,922,369 (233,993) 3,638,354 3,896,492 (258,138) Payroll Taxes 163,062 223,561.50 (60,499) 231,340 298,082 (66,742) Benefits 370,536 250,173 120,363 466,347 333,564 132,783 Retirement Costs 109,731 116,895 (7,164) 147,957 155,860 (7,903)

Total Personnel Expenses 3,331,706 3,512,999 (181,293) 4,483,997 4,683,997 (200,000)

Meeting ExpensesMeetings 53,897 67,500 (13,603) 72,549 90,000 (17,451) Travel 289,907 510,150 (220,243) 397,651 680,200 (282,549) Conference Calls - - - - - -

Total Meeting Expenses 343,804 577,650 (233,846) 470,200 770,200 (300,000)

Operating ExpensesContracts & Consultants 286,056 723,782 (437,726) 328,163 965,042 (636,879) Office Rent - - - - - - Office Costs 6,862 6,000 862 9,254 8,000 1,254 Administrative Costs - - - - - Professional Services 470,326 115,088 355,238 670,312 153,450 516,862 Computer Purchase & Maint. - - - - - -

Services Depreciation - - - - - - Furniture & EquipmMiscellaneous/ Contingency - 55,834 (55,834) (6,792) 74,445 (81,237) Total Operating Expenses 763,243 900,703 (137,460) 1,000,937 1,200,937 (200,000)

Total Direct Expenses 4,438,753 4,991,351 (552,598) 5,955,134 6,655,134 (700,000)

SPP Inc. Indirect Expenses 2,570,634 2,580,514 (9,880) 3,440,685 3,440,685 - SPP RE Indirect ExpensesTotal Indirect Costs 2,570,634 2,580,514 (9,880) 3,440,685 3,440,685 -

Total Expenses (B) 7,009,387 7,571,865 (562,478) 9,395,819 10,095,819 (700,000)

Net Change in Assets (A-B) (391,390) (957,052) 565,661 (572,884) (1,276,068) 703,184

Fixed AssetsDepreciation - - - - - - Computer & Software CapEx - - - - - - Furniture & Fixtures CapEx - - - - - - Equipment CapEx - - - - - - Leasehold Improvements - - - - - - Increase/(Decrease) in Fixed Assets (C) - - - - - -

Total Budget (Expenses plus Incr (Dec) in Fixed Assets (B+C)) 7,009,387 7,571,865 (562,478) 9,395,819 10,095,819 (700,000)

Change in Working Capital (Total Funding less Total Budget) (A-B-C) (391,390) (957,052) 565,661 (572,884) (1,276,068) 703,184

FTEs* 28.9 29.3 (0) 29.3 29.3 -

Beginning WC - 01/01/2016 3,324,959 1,276,068 2,048,891 3,324,959 1,276,068 2,048,891 Change to WC - 2016 YTD (391,390) (957,052) 565,661 (572,884) (1,276,068) 703,184

Working Capital as of 9/30/16 2,933,568 319,016 2,614,552 2,752,074 - 2,752,074

*Headcount (RE direct staff count as of 9/30/2016 and shared staff YTD billed hours/1880).

Settle Dismiss Total 75.00% 13.43 40%1 12 63 76.83% 75% 75%

31

26.67 114 9 4 40 100%85 100%47.1%

75.00%

89.83% 100%Current Success Rate

12. Cost ControlMaintain Costs at or below 2015 Expenditures

Average Publishing Time 45-50 DaysAverage Publishing Time >=50 Days

100%

Average Publishing Time <=65 DaysAverage Publishing Time 65-75 Days

% Published Reports <=45 Days

Average Days to Publish 31

% Published Reports <=65 Days

Average Days to Publish 46

Current Success Rate

# of Violations closed out

Complete Incoming Compliance Issue Triage in <= 45 days

Current Triage Avg. :

0

7. Publish Off-Site AuditPublish Off-site w/in 45 days

# Published YTD# of Reports Published in more

than 45 DaysAverage Publishing Time <=45 Days

Caseload Complete Metric Eligibility

5. 45 Day Triage

4 0 46

6. Records Close Out

11. Incoming ProcessingNotify NERC of new violations w/in 5 business days

Current Average Days 0.86

Average Days to Close Out Violation Record

Yr. Passed Current Avg. Days

Accept/Reject Mit Plans w/in 30 days

1. Maintain CaseloadMaintain a one year caseload

NOCV % ProcessedFFT Comp. Ex% Metric Period Passed75%

Current Avg. Days Metric Eligibility

SPP RE Metrics Reporting as of September 30, 20163. Mit. Plan Completion 4. Process Pre-2015 Violations

Process 100% of Pre-2015 Caseload

Within Target Outside Target but w/in Alloted Range Outside Alloted Range

Complete Mitigation reviews <= 20 days

2. Mit. Accept/RejectAccept/Reject Resubmitted Mit Plans w/in 10 days

8. Publish On-Site AuditPublish On-site w/in 65 days

# of Reports Published in more than 65 Days

5.11

0

10. Publish Excep., PDS, Self-certPublish reports w/in alloted timeframe 100% of time or greater

9. IRAs CompletedComplete an IRA on 100% of Registered Entities

Current Avg. Days 9.71

15. OutreachConduct 3 Workshops, 6 Webinars/Videos,

and 12 Newsletters in 2016

% of Entities with IRA

# Published YTD

Average Publishing Time >=75 Days

100%

14. Cause Code Success RateAchieve 100% success rate in Cause Coding Events

13. Maintain/Increase Misop Success90 % success rate or greater over rolling 4 quarter avg.

Current Success RateTarget

# of IRAs CompletedTarget

% Year Passed

FFT6%Settle

2%Dismiss

19%

Comp. Ex73%

5.110-10

>10

0-20

20-30

>30

9.71

9

14

3

126

3

Goal

Completed

0-80%

80%-89%

>=90%100%

0-45

46-60

>60

26.67

<=88%

88-90% >=90%

89.83%

<=5 days

5-7 days

>7 days

0.86

Current Success Rate Target

100% 100%

% Published w/in Alloted Time

Yr. PassedCaseload Complete

75.00% 76.83%

% Year Passed vs. Caseload Complete

13.430-30

>30

0-45

45-60

>60

29.43

CIPO&P

$155,624$48,430

$119,376$315,000

Remaining Budget

Costs to date

% Processed% Metric Period

Passed

40%

75%

% of Entitieswith IRA

% Year Passed

47.1%

75.00%

1

Outreach UpdateSPP RE Trustees MeetingOct. 24, 2016

Little Rock, AR

Emily PennelSPP RE Trustees Secretary and Outreach Coordinator

Outreach• Workshops

– 201 attendees at Fall Workshop in Oklahoma City– Oct. 26, Misoperations Summit, Little Rock *– Mar. 28-29, Spring 2017 Workshop: Little Rock– June 27-28, CIP 2017 Workshop: Little Rock– Oct. 24-25, Fall 2017 Workshop: Dallas

• Trustee Meetings– Jan. 30, 2017: Dallas– Apr. 24, 2017: Tulsa– July 24, 2017: Denver– Oct. 30, 2017: Little Rock

* Sponsored by SPP System Protection and Control Working Group & SPP Reliability Compliance Working Group

2

https://www.spp.org/events/calendar/misoperations-summit/

https://www.spp.org/events/calendar/spring-spp-re-workshop-1/

https://www.spp.org/events/calendar/re-trustees-meeting-2017-01-30/

https://www.spp.org/events/calendar/regional-entity-trustees-meeting-2017-04-24/

SPP Regional Trustee Meeting October 24, 2016 September 2016 NERC Planning Committee Update

1

Proposal on Primary Frequency Response The PC approved a request by the Resource Subcommittee (RS) on efforts of RS, NERC, and the NAGF to conduct a generator data survey to be coordinated by Interconnection over multiple years to assess generator primary frequency response. Further this effort will involve outreach to the generators, with coordination with NAGF, to support the existing generation fleet to provide the capability of providing primary frequency response.

• What is the reliability issue? • Dead Band • Outer Loop Controls • Majority of generators in BA’s fleet/ East and West Interconnections are currently

incapable of providing primary frequency responsive and we continue to commission new generation and the trend continues. System Restoration Plans are challenged Transmissions Stability and other models assume generators are capable of

response BA’s get a significant portion of frequency from load and cannot predict the load

response or control it. • The Goal

• Every BES Generator should have a working governor and be set in accordance with Frequency Response Guideline for system reliability and system restoration and provide primary frequency response between Pmin and Pmax.

Probabilistic Assessment Guideline Document

• Summary o NERC to develop and maintain documentation describing the establishment of

Assessment Areas. o Regions and Assessment Areas to provide monthly reliability measures in their metrics

calculations. o Regions and Assessment Areas need to model seasonal load forecast uncertainty. o Regions and Assessment Areas need to incorporate seasonal variations in their modeling

of resource outages. o Assessment Areas need to coordinate with neighboring areas and document coordination

and modeling activities. o Assessment Areas to perform the sensitivity modeling within the Core Probabilistic

Assessment framework. o Assessment Areas to address the reliability issues identified within the LTRA that impact

resource adequacy, within the Special-Coordinated Probabilistic Assessment framework. • PC accepted the final document and approved the disband the PAITF and create the PAIWG.


2

Generating Availability Data System (GADS) Wind Data Reporting Instructions: Proposed Changes The PC approved the minor changes to the GADS Wind Data Reporting Instructions.

• Generating Availability Data System Working Group (GADSWG) made minor revisions to the wind DRI document based on platform being used

• DRI provides guidance for mandatory GADS reporting of wind generators • Modifies the existing Section 1600 mandatory data collection for GADS

o Section 1600 Data Request for wind data reporting, which included the DRI, was approved by NERC’s Board of Trustees on November 5, 2015

• Stakeholders understand and support the proposed minor changes to the Wind DRI • Allows the industry to standardize on concepts and terminology

o Fundamental concepts preserved • Provides additional clarity on data elements and reporting procedures that are specific to

implementation o Improves data quality

Discontinuance of NERC Spare Equipment Database and SEWG Disbandment The PC approved the recommendation by NERC staff to disband the NERC Spare Equipment Database

• NERC will maintain the existing database through the end of 2016 o Entire database will be retired by yearend 2016 o Contract with OATI will not be renewed.

PMU Placement and Installation Draft Reliability Guidelines; The PC approved the posting of the PMU Placement and Installation guideline for a 45-day industry comment period.

• Guideline Overview o PMU Installation

Equipment considerations Digital relays and stand-alone devices Communications and IT Data quality

o Data storage and retrieval o Real-Time Tools

State estimation Oscillation monitoring and analysis Subsynchronous resonance & control interaction Angle difference monitoring Voltage stability Transmission interfaces Remedial action schemes Wide-area visualization & alarming Variable energy resource integration Islanding detection and monitoring


3

Blackstart & system restoration o Offline Analysis Consideration

Power plant model validation System model validation Load model validation Disturbance monitoring Event analysis Frequency response analysis

o Prioritization based on application o Interconnection requirements

Modeling of DER in Dynamic Load Model Draft Reliability Guideline The PC approved the posting of the Modeling of DER in Dynamic Load Models guideline for a 45-day industry comment period.

• Topics addressed: o Differentiating between DER for purposes of modeling o Accounting for DER in power flow records o Linking R-DER to power flow records o Explicit modeling of U-DER o Adaptation to specific systems (modeling thresholds) o Coordination with DERTF (mentioned in guideline)

Reliability Guideline on Power Plant Model Verification The PC approved the Power Plant Model Verification guideline.

• The guideline covers o Fundamental need for representative models o Power Plant Model Verification (PPMV) o Offline Baseline Testing for pro forma Model o Online Performance Monitoring o Process for Model Validation o Value Proposition for Disturbance-Based Verification o Related NERC Reliability Standards o Performing PMU-Based Model Verification

Procedure Overview Measurement & Modeling Considerations Event Selection

o Disturbance-Based Verification Examples Library o Appendix –Software Tools Guidelines


4

Several updates and informational items were shared with the PC which will come back at future meetings for PC actions. These included

• ERAG Planning Model Improvements • Modeling Improvements Initiative • Essential Reliability Services Working Group (ERSWG) • Distributed Energy Resources Task Force (DERTF)

NERC Operating Committee

Report to the SPP Regional Entity Trustee

September 13-14, 2016

Jim Useldinger, South Central MCN

A regular meeting of the NERC Operating Committee (OC) was held on September 13-14, 2016 in Phoenix, Arizona. OC meeting highlights:

• VOTING ITEMS o Reliability Guideline: Situational Awareness for the System Operator

The Personnel Subcommittee developed a reliability guideline that addresses system operator situational awareness. The OC approved posting the draft reliability guideline for a 45-day public comment period.

o Archive the Reliability Guideline: System Operator Communications – Current Industry Practices The Personnel Subcommittee recommended archiving this reliability guideline since COM-002-4 (Operating Personnel Communications Protocols) now addresses most of the principles addressed in the guideline. The OC approved archiving this guideline.

o Eastern Interconnection Unaccounted Inadvertent Interchange The Reliability Subcommittee, noted that on May 11, 2016 the RS sent a letter to all Eastern Interconnection balancing Authorities to seek volunteers to participate in an unaccounted for Inadvertent Interchange true-up. All BAs have responded and the RS recommended the approval of the balance changes for the balancing authority’s inadvertent interchange balance. The unaccounted for Inadvertent Interchange balances are the following:

• On-Peak: 45,410 MWHrs • Off-Peak: -100,647 MWHrs • Total: -55,239 MWHrs

The OC approved the disposition of the Eastern Interconnection unaccounted for inadvertent interchange as proposed.

o Reliability Guideline: Inadvertent Interchange As part of the BAL-006 drafting team process, the recommendation, and subsequent approval of the retirement of BAL-006 as a reliability standard was contingent on the development of an Inadvertent Interchange Guideline. The OC approved posting the draft reliability guideline for a 45-day public comment period.

o Reliability Guideline: Integrating Reporting ACE with the NERC Reliability Standards

As part of the BAL-005 drafting team process, the drafting team developed a guideline that will be beneficial on “how” to calculate ACE since it is used in several Reliability Standards as measurement. The OC approved posting the draft reliability guideline for a 45-day public comment period.

o ERO Event Analysis Process The Event Analysis Subcommittee drafted a revised ERO Event Analysis Process redline and a justification letter for the proposed changes to Event Category 1g and 3a. The justification letter provides the explanation for the changes as requested by ERCOT regarding generation setpoints. The OC approved the revised ERO Event Analysis Process for a 45-day public comment period.

o Time Monitoring Reference Document, Version 4 The Reliability Subcommittee and Operating Reliability Subcommittee developed a reliability reference document that addresses the process for manual time error corrections as a result of the retirement of BAL-004. The Time Monitoring Reference Document, Version 4 was posted for public comment which ended on September 5, 2016. No additional changes were made. The OC approved the document as provided.

o Reliability Coordinator Reliability Plans The Operating Reliability Subcommittee completed their review of the need for reliability plans in light of the new requirements stated in IRO-014. The ORS recommended that the Reliability Coordinators continue to develop and maintain Reliability Plans. The ORS also recommended that the current NERC “Guideline for Approving Regional and Reliability Coordinator Reliability Plans” be updated by the ORS to reflect the ORS expectations around Reliability Plans, such as removing RROs from the process, retaining ORS endorsement of Reliability Plan changes, removing the periodic review requirement, and including criteria for what plan changes need to be brought to the ORS. The ORS agrees that reliability plans could include multiple RCs, if preferred. The OC approved these ORS recommendations.

• INFORMATION ITEMS

o Joint Planning and Operating Committee Meeting NERC is planning to conduct a joint session of the Planning and Operating Committees during their December 2016 meetings. Current plans are to hold this joint session from 10:00 a.m. to 12:00 p.m. on December 13, 2016. The joint session will allow the committees to discuss agenda items of mutual interest to both committees, for example the ERSWG report, the DERTF report, and the schedule for the State of Reliability report.

o SOL and IROL Monitoring Tool Leads to Unnecessary Manual Load Shedding Event Hydro Quebec staff members briefed the OC on an event that occurred on the Hydro Quebec TransEnergie system when a shunt reactor that was connected to a high voltage transmission line was de-energized for voltage control. When the shunt reactor was de-energized, a fault occurred in the shunt reactor breaker, which resulted in tripping of the high voltage transmission line. This sequence of events resulted in two IROL exceedances. HQT system operators implemented emergency operation control actions to restore the interface flow below the IROLs, including starting generation, curtailing interchange transactions, importing

additional emergency energy, and reducing voltage. Within 23 minutes, the interface flow was under the IROL, but still above the SOL. However, the system operator still thought the IROL was exceeded based on operator display interpretations. Therefore, the system operator initiated 1990 MW of manual load shedding to restore the system within the 30 minute IROL criteria. After investigation, HQT determined that the EMS monitoring tools did not clearly differentiate SOLs and IROLs and the SOL/IROL exceedance timer display was misleading. In summary, several lessons learned were identified and implemented from this event.

o Generator Response to Frequency Change Due to Variable Generation Event A Salt River Project staff member provided an overview of a two unit frequency event that occurred. Two 500 kV transmission lines in the Northwest tripped, which resulted in the initiation of a remedial action scheme that dropped 1500 MW of generation. As a result, system frequency dropped which caused additional units to trip offline while attempting to respond to the frequency drop. After investigation, it was determined that these units attempted to boost frequency by rapidly increasing output and tripped offline due to low boiler furnace pressure. SRP has identified several possible correction actions that will be pursued.

o Lessons Learned During Recent Flooding in Entergy Service Area Chair Case provided and overview of the recent flooding in the New Orleans and Baton Rouge portions of the Entergy service area. Entergy files and Emergency Plan with the Louisiana Public Service Commission each year and one section of that plan is specifically dedicated to a Flood Plan. Entergy conducts drills for catastrophic events including flooding. Chair Case described the flood damages to Entergy’s facilities and equipment and presented examples of how Entergy protected its facilities (e,g., stackable Tiger Dams were used in some locations to protect essential substations from floodwaters).

o NERC Functional Model Advisory Group The recent posting of the Functional Model for industry comment resulted in the receipt of a few hundred pages of comments. Therefore, the Functional Model Advisory Group was not able to provide a final document and plans to bring back to the December meeting.

o July 2013 WECC Update on Aliso Canyon A WECC staff member provided an update on 2016 summer operations. No gas has been used from Aliso Canyon since the initial drawdown. During the summer of 2016 the BES was operated reliably despite numerous fires and line outages in Southern California. There were 3 gas curtailments with no impact to electric generation. There were no electrical load interruptions. Voluntary demand response and energy conservation was implemented as appropriate.

• COMMITTEE AND SUBCOMMITTEE ITEMS (in addition to voting items above)

Essential Reliability Services Working Group (ERSWG) and Distributed Energy Resources Task Force (DERTF) The ongoing work and 2016 deliverables for the ERSWG include - 1) A whitepaper on the methodology for the ERS measures sufficiency guidelines. The Sufficiency

Guideline whitepaper is expected to be present to the OC for acceptance at the December 2016 meeting.

a. Focus on Measures 1, 2, and 3 – determining synchronous inertia needed to avoid UFLS and verifying actual system dispatch for more accuracy

2) Assisting in the development of approved measures from the ERS Framework Report. a. Measure 6 – Ramping, using CPS1 exceedance data b. Measure 7 – Reactive Capability on the System, using a proof-of-concept data collection

methodology o Distributed Energy Resources Task Force (DERTF)

The ongoing work ad 2016 deliverables for the DERTF include – 1) Identifying and assessing distributed energy resource impacts 2) Developing a DERTF final report by year end focusing on key areas –

a. How should DER be included in planning and operating models? b. What level of control is needed for reliable system operations? c. W d. hat level of visibility do system operators require? e. How can DER characteristics contribute to or impact the reliability of the bulk

power system? 3) DER Workshop held August 2 & 3, materials posted on NERC website

Operating Reliability Subcommittee (ORS)

1) Approved the NPCC Regional Reliability Plan and the SERC Southeastern Subregion Reliability Plan

2) Continued review of the Electric System Restoration Reference Document 3) Implementation of the Net Actual Interchange and Net Scheduled Interchange tool 4) A Gas/Electric Coordination Guideline outline under development

Resources Subcommittee (RS)

The RS work activity included several voting items separately discussed in the Voting Items above

Event Analysis Subcommittee (EAS)

1) 4th annual Monitoring and Situational Awareness Technical Conference planned for September 27-28, 2016

2) Conducted a Winter Weather Readiness Webinar on September 1

Personnel Subcommittee (PS)

1) Has started a major project to draft Version 4.4 of the Continuing Education Program Manual

Next Meeting The next meeting of the Operating Committee will be on December 13-14, 2016 in Atlanta, Georgia.

CIPC Report to SPP RE Trustees – Page 1

NERC Critical Infrastructure Protection Committee (CIPC)

Report to Southwest Power Pool Regional Entity Trustees

Submitted by Eric Ervin, Chair, SPP CIPWG

September 27, 2016

NERC CIPC Meeting

The NERC CIPC held its quarterly meeting in Albuquerque, NM September 20-21, 2016.

o Agenda, Presentations, and Minutes:

http://www.nerc.com/comm/CIPC/Pages/AgendasHighlightsandMinutes.as

px

NERC hosted one workshops prior to the CIPC Meeting.

o CIPC Workshop: Sandia National Laboratory Tour and Briefings

Opening commented by Mike Mertz, PNM Resources.

Mr. Marc Child, CIPC Chair, Great River Energy opened the meeting

o Mike is the Director of Operations Technology and NERC Compliance at PNM

Resources. PNM is a holding company for Public Service New Mexico (PNM) and

Texas-New Mexico Power (TNMP).

o Next NERC CIPC Meeting will be held in Atlanta, GA December 13-14, 2016.

Mr. Marc Sachs, Senior Vice President and Chief Security Officer, NERC/E-ISAC, provided an

E-ISAC Update

o Discussed Member Executive Committee (MEC) meeting. MEC serves as steering

committee for E-ISAC as far as direction and strategy. Looking at setting up ISAC

focused working groups. CIPC is a Board Committee and the NERC board wants to

make sure it stays devoted to NERC, less to ISAC.

o Documents available on EISAC.com

Understanding your E-ISAC user guide has been released

E-ISAC Brochure

o Current Staffing

20 employees plus two contractors

Bud Holla and Ben Miller have recently left the E-ISAC

Member Services Manager (ESCC recommendation) hired in August

Initiative to integrate DNG-ISAC analyst underway

o Technology

Network and email migration nearing completion; isolating from NERC

Enforcement

STIX/TAXII pilot initiated for the automated sharing of threat indicators

Portal-to-Platform project initiated to overhaul the E-ISAC portal

Increased reporting by E-ISAC partners

Focus in obtaining, analyzing and sharing indicators of compromise and

actionable threat information

Enabling electricity companies to identify sector relevant threats and attacks

http://www.nerc.com/comm/CIPC/Pages/AgendasHighlightsandMinutes.aspx

http://www.nerc.com/comm/CIPC/Pages/AgendasHighlightsandMinutes.aspx

CIPC Report to SPP RE Trustees – Page 2

Mr. Tobias Whitney, provided a CIP V5 Transition and CIP V5 Revisions Update

o Revisions to cover eight (8) issues LERC definition (Order 822) – deadline of March 31, 2017 Transient definitions used at low-impact BES Cyber Systems (Order 822) Communication networks components between BES Control Centers

(Order822) Cyber Asset and BEX Cyber System Asset Definitions (V5TAG) Network and Externally Accessible Devices (V5TAG) Transmission Owner (TO) Control Center Performing Transmission Operator

(TOP) obligations (V5TAG) Virtualization (V5TAG) CIP Exceptional Circumstances

o In addition, the SDT will consider one Request for Interpretation concerning shared BES Cyber Systems

o FERC Order 829 – Supply Chain Security Requirements Order 829 directed the development of s Supply Chain Security Standard.

Must be submitted to FERC by September 27, 2017 (Order 829 effective September 27, 2016)

The new standard must address the following security objectives: Software integrity and authenticity, Vendor remove access, Information system planning, and Vendor Risk management and procurement controls

Mr. Nathan Mitchell, CIPC Vice Chair, APPA, provided a Legislative Update

o Fixing American’s Surface Transportation (FAST ACT 2015)

Provides the Secretary of Energy with the authority to address grid security

emergencies. DOE should develop a plan to establish a Strategic Transformer

Reserve. The Plan should address impacts from Physical attack, Cyber-

attack, Electromagnetic pulse attack, Geomagnetic disturbances, and Severe

weather or seismic events.

o Cyber Information Sharing Act 2015

DHS initiated the automated indicator sharing (“AIS”) program - sharing of

Cyber Threat Indicators and Defensive Measures by the Federal Government.

o S.2012 North American Energy Security and Infrastructure Act of 2016 (in

conference).

On Thursday, September 15 the House & Energy Commerce Committee’s

subcommittee and Energy & Power held a hearing entitled “The Department

of Energy’s role in Advancing the National, Economic, and Energy Security of

the United States.”

Department of Energy (DOE) Secretary Ernie Moniz testified about the role of

DOE in Implementing.

REGIONAL ENTITY TRUSTEES MEETING OCTOBER 24, 2016 SPP ... trustee... · focused on CIP-002-5.1,...

Documents

Transcript of REGIONAL ENTITY TRUSTEES MEETING OCTOBER 24, 2016 SPP ... trustee... · focused on CIP-002-5.1,...